Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

PIX FTP Question

I've got Cisco Secure PIX Firewall Version 5.1(4) and I would like to make FTP's download's from my inside network.

Is there any command that I've got to put in the configuration to enable that feature ???



Community Member

Re: PIX FTP Question

In the scenario where your FTP server resides on the inside network, and the FTP server is to be made available to outside users there are two steps to take inorder for this to be successful:

1st - A static NAT entry to this server. You may want to advertise this server on WWW and for outside users to more easily resolve, having the server name filed in DNS will be required.

2nd - you will want to establis a conduit. The conduit should have a mapping to the host address and protocol to that host address. There are plenty of examples on CCO for that.

Lastly, although in an ISP environment this is not a requirement, you could restrict user via username and password.

Hope this helps you,


Community Member

Re: PIX FTP Question

If you have nat/global configured and you are using passive FTP, no special configuration is required. If you are using standard mode FTP, you need to make sure that 'fixup protocol ftp 21' is configured on the PIX. This feature is on by default.

CreatePlease to create content