Hi everyone. I've installed a Cisco PIX 515E firewall and everything was perfect. Suddenly, I found that I am not able to download anything from FTP sites in my inside network (I was able to when I first installed it and I didn't change anything). I have an ISA server behind my firewall. If I disable the proxy settings from an inside workstation the download works fine. Is it possible that there is some problem when we connect the PIX to ISA? I had the ISA before the PIX and everything was working fine. On the ISA server itself I can download anything I want. The PIX is the gateway for the ISA server. I tried using the "no fixup protocol ftp 21" but didn't get any results. By the way I haven't used the DMZ yet (my mail server is curently in the inside part).
Please advice me. Below are the headlines of the configuration. Thanks.
fixup protocol http 80
fixup protocol h323 1720
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol sip 5060
fixup protocol skinny 2000
no fixup protocol ftp 21
access-list smtp permit tcp any host <inside_mail_server_ip_address> eq smtp
global (outside) 1 <global_ip_address> netmask x.x.x.x
Hello. The only access-list I am using is the one permitting smtp traffic to go inside to the mail server, it is shown in the posted configuration and it is working fine. Do I have to put an access-list to permit FTP traffic to the ISA server? If yes what ports should I use else than port 21? Do I make the destination of the access-list the ISA server? Thanks.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :