Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

How to configure the PIX Firewall 500 Series with software version 6.x to enable FTP traffic to pass through it with the access-list or fixup protocol command


When the FTP server is outside and the client is inside, perform one of these steps:

  • If the FTP application runs on standard ports, either issue the fixup protocol command (which dynamically opens the data channel).

For example:

fixup protocol ftp 21

  • Alternatively, issue the access-list command in order to open the required ports.

When the FTP server is inside and the client is outside, the data channel is initiated from the server inside of the PIX Firewall. Therefore, no explicit rule is needed since the server is on a higher security zone and is permitted by default.

Version history
Revision #:
1 of 1
Last update:
‎06-22-2009 04:09 PM
Updated by:
Labels (1)