03-07-2006 01:36 AM - edited 02-21-2020 12:45 AM
Hi,
Sorry for my very bad english. ¿Can you speak spanish?
Cisco PIX 515E 6.3 and PDM 3.0
I publish a Microsoft FTP Server through Cisco PIX 515E with static PAT.
In active (port) mode works fine, because in passive mode any command
receive response and a time out is received.
I use fixup command for ftp to port 21.
The static pat redirect ports tcp-udp 20 and 21, and access rules permit
trafic to ports TCP-UDP 20 and 21.
What is my problem?
Very thanks,
Diego Fernández
03-07-2006 03:02 AM
Hola Diego,
Could you add the 'strict' option for your fixup for FTP please i.e.
fixup protocol ftp [strict] [port]
(fixup protocol ftp strict 21)
Let me know if this helps,
Jay
03-07-2006 06:42 AM
Hi,
I add the strict option because this option not help me.
With active mode works fine because in passive mode FTP not work.
Thanks for interesting in my problem.
Diego Fernández
03-07-2006 07:48 AM
Please read the following. Might be a DNS issue.
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094459.shtml
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094317.shtml
Mike
03-07-2006 09:28 AM
Hi,
This articles is not the solution, because help me to find error.
This article said "execute logging trap debbuging". With this level of logging I view the error for FTP connection.
The problem is the FTP server had two IP's. When receive the conection in passive mode execute port command with IP1 because PIX PAT IP2.
I changed order for IP's and passive mode works fine.
Very thanks for your interesting and sorry for my very bad english.
Diego Fernández
03-24-2006 11:34 AM
Hi Diego,
I have a similar situation where in I can connect to FTP but cant list the folder. what did you do to resolve the issue?
I opened ftp ports 20 $ 21 already.
Many Thanks,
cym
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: