If I define a rule in CSPM to allow passive FTP it creates a rule allowing port 21 and ports 49152 -> 65535. Does anyone know if it possible to change the range of high ports? Even though I can create new services (e.g. MYFTPPassive with a range 1024 -> 65535) I can not associate this with the FTP application. Does this mean that the fixup won't be applied?
Fixup is actually only done on the control port 21. When cbac/pix notices the traffic, it watches for the return port and allows the traffic. I would think that could be anything >1024. Probably worth running by a Cisco engineer.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...