03-23-2004 07:30 AM - edited 03-09-2019 06:51 AM
I'm having trouble allowing my internal users access to ftp servers out on the Internet. We're able to log into ftp sites, but our connection times out when the client tries to display the contents of the directory.
When we use an ftp client in passive mode, the connection works fine. Unfortunately, the applications that are using ftp will not do passive.
Any suggestions?
03-23-2004 10:38 AM
What is the PIX version? Do you have any syslogs?
03-23-2004 11:44 AM
We're having the same problem here with our PIX 515 running 6.3(3). Since things were working under 6.3(2), it appears something has changed within ftp fixup. From debug and syslogs, it looks like the ftp application inspection is having a problem reading the data connection port within the control channel PORT command. I've got a TAC case open on this...
03-23-2004 11:29 PM
pixfirewall(config)# fixup protocol ftp
03-24-2004 08:45 PM
Yes...we have "fixup proto ftp 21" under 6.3(3) and it doesn't work...it did work under 6.3(2)...something changed...Cisco TAC claims we are encrypting our ftp sessions...nothing has changed client wise from when we were running 6.3(2)...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide