Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

ftp over ipsec

I have created new IPSec tunnel between branch to branch (1750 to 1750 router) and tested the FTP file transfer.I am able to logon to the FTP server and able to see the files but i could not PUT or GET the the files.Encryption happening for PING and encryption not working totally between 1750 routers for FTP PUT &GET.

And there is no problem with FTP server because without ipsec,FTP is working fine and also i tested with other FTP server.

both routers are running ospf.

Also we have tried the ftp between central router 3661 and remote router 1750. Routers running IPsec and routing protocol OSPF and . I was able to do ping, telnet and also able to download file from ftp server located at central location. But I am not able to upload the file from remote router 1750 to central router 3661.

What could be the problem.


Re: ftp over ipsec

You are having here some MTU problems.

As the IPSec adds some overhead to the IP packets

the MTU decreases. The router informs the stations sending

1500Bytes packets and DF set via ICMP to decrease

the MTU.

At one end (based on your desription at remote site)

probably the station tries to send packets of 1500 octets size

and ignoes the router ICMP's.

You can control the behavior of DF bit in newer IOS's (12.2.T).

CreatePlease to create content