There's a mobile version of our website.
I have a ACE 4710 setup in a test environment(and context) with 2 filezilla FTP servers on the back end and a Win7 laptop on the front end with a FTP client(s). The ACE is setup to load balance by source(the requirement for our project).
When the laptop tries to FTP to the Filezilla FTP servers it connects, enters passive mode, and sends a WLSD command to get a directory listing, but never gets it. If the Win7 laptop is put on the same vlan as the Filezilla FTP servers, behind the ACE, everything works fine.
As far as I can tell the ACE configs doesn’t have any sort of deny acl acting on this traffic. *attached* The FTP client always connects, its just the directory listing that doesn't seem to work.. and we need it to work for the app this is targeting.
Any help is greatly appreciated.
Yeah me too!
So after much packet capturing and hair pulling and general dismay, we(me, another admin, and a local var ccie) think this is a app layer issue. We added the inspect command but it wouldnt take without a nat pool in place, so we added that.
We found a packet in the FTP client that tells the server the real IP of client to the server. This is the only oddity that we can locate. Of course I admit we arent using a ACE in the normal way an ACE would be used, we LB by source not destination.
I put telnet servers on my targets and they also communicate directly to the clients IP, but they layer 2 back to the ace first, whereas the FTP server doesnt. We are still working on it to try and find a way to make FTP happy.
Login to share your discussion activity with your friends on Facebook. You can control what you share and turn off sharing anytime.
Your Facebook friends can now see that you have started this discussion
Your Facebook friends can now see that you have commented on this discussion
Your Facebook friends can now see that you have read this discussion