Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
273
Views
0
Helpful
1
Replies

PASV FTP blocked outbound

worshama
Level 1
Level 1

‎10-02-2002 08:41 AM - edited ‎03-09-2019 12:32 AM

A site with a 506 PIX 6.1(2) has an odd issue with FTP outbound

Passive mode seems to fail for clients reaching all ftp sites on internet.

Active mode still works, however. Both PAT and NAT machines are effected

Firewall has fixup protocol ftp 21set.

Labels:
0 Helpful
1 Reply 1

steve.barlow
Level 7
Level 7

‎10-02-2002 09:11 AM

Is fixup strict enable or just fixup?

Here are some potential bugs: CSCdr20233 & CSCdy78026

Does shop xlate and show conn show connections going through? Any acls?

You can do a debug fixup tcp and debug packet (as always use with caution).

This is a good link to help troubleshoot: http://www.cisco.com/univercd/cc/td/doc/cisintwk/itg_v1/tr1925.htm#xtocid8

Hope it helps.

Steve

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents