Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

secure ftp

My understanding is that any firewall needs to monitor the FTP control port to know which dynamic ports to open.Since in secure ftp control port is also encrypted the firewall cannot monitor the control port so it is not possible to access a secure ftp site from behind a firewall.Is there any workaround.


Re: secure ftp

In my experience, SFTP usually runs over port 22 (ssh) or sometimes port 990. It does not do the same dynamic port allocation that standard FTP uses, so you should not have a problem through a firewall. If you know the type of SFTP server you wish to access I may be able to give more specifics.


New Member

Re: secure ftp

Thanks for the post.Essentially this is a Windows 2003 server with ISA firewall.Access from behind the firewall to secure ftp sites does not work.I got the port 22(not port 990) information too but the articles are making a distinction between Secure FTP/SSL and SFTP/SSH.At the moment all I can think of is open up port 22 and 990(inbound and outbound) on ISA firewall and hope for the best.Apparently Secure FTP/SSL does use dynamic ports or am I wrong?What kind of SFTP/SSH clients are available for Windows?