Hi,
I'm having issues on the data flow of my server to a certain public IP.
Currently the request is transmitted via FTP, same for receiving.
There are 2 ASA FW (IN & OUT) that both have ACL statements permitting FTP traffic.
The problem is the Public IP is migrating from FTP to HTTPS.
This is the original configuration of FW (OUT):
access-list <ACL name> extended permit object https object-group <object group name> object <public IP> log notifications
access-list <ACL name> extended permit tcp object-group <object group name> object <public IP> eq ftp log notifications
I've added and access-list entry to permit HTTPS traffic:
access-list <ACL name> extended permit object https object-group <object group name> object <public IP> log notifications
access-list <ACL name> extended permit tcp object-group <object group name> object <public IP> eq https log notifications
access-list <ACL name> extended permit tcp object-group <object group name> object <public IP> eq ftp log notifications
This is the original configuration of FW (IN):
access-list <ACL name> extended permit object squid object-group <object network> object <Proxy-IN>
access-list <ACL name> extended permit tcp object-group <object network> object <public IP> eq ftp log notifications
I've added and access-list entry to permit HTTPS traffic:
access-list <ACL name> extended permit object squid object-group <object network> object <Proxy-IN>
access-list <ACL name> extended permit tcp object-group <object network> object <public IP> eq https log notifications
access-list <ACL name> extended permit tcp object-group <object network> object <public IP> eq ftp log notifications
<object group name> & <object network> = Server's subnet
Static routes has been configured for the flow of traffic from Server to Public IP.
FTP is working well but HTTPS is not.
A route entry was configured on the Server: route <Public IP> </32> <FW(IN) interface>
Is there any additional conf/s that is/are needed to enable HTTPS traffic?
Your feedback will be greatly appreciated.
Thanks!
