Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

SFTP on PIX 515E 7.0(x)

Does PIX 515E 7.0(x) support SFTP? Are there solutions or workarounds?

Regards,

Santi

5 REPLIES
Anonymous
N/A

Re: SFTP on PIX 515E 7.0(x)

Yes, PIX 515 e supports SFTP

New Member

Re: SFTP on PIX 515E 7.0(x)

I am having trouble with 515E 7.0. I don't think that Version 7.0 suppots SFTP.

Re: SFTP on PIX 515E 7.0(x)

What kind of SFTP are talking about ?

sftp via ssh or an ftp server that uses a SSL/TLS implementation.

sincerely

Patrick

New Member

Re: SFTP on PIX 515E 7.0(x)

It is sftp for ftp server, the latter one.

Regards,

Santi

New Member

Re: SFTP on PIX 515E 7.0(x)

SFTP is not supported through the PIX.

This is because with SFTP the whole exchange is encrypted. This means that the PIX can't inspect the communications on the control channel (PORT or PASV, specifically) that dictate what the data channel is going to be. Since the PIX can't see what the data channel is going to be, it can't open up a hole for the traffic to pass through. In this situation you will probably be able to connect to an SFTP server, but you won't be able to list directories or transfer files.

There may be a workaround, if your client supports it. Some programs (WS_FTP is one, I think), have an option to send the control channel traffic in the clear, while still encrypting the data channel. This will allow the PIX to anticipate the data channel and allow it, and still have SFTP protect your data.

Thanks,

Matt

352
Views
14
Helpful
5
Replies
CreatePlease login to create content