We need help to configure a cisco pix firewall to conect to my ftp
server in the lan, i create a static rule and a access-list from the
outside.but i can't conect.
Any Idea??
Thanks in advance
In article <1169485267.175717.45970@38g2000cwa.googlegroups.com>,
dospedres
>We need help to configure a cisco pix firewall to conect to my ftp
>server in the lan, i create a static rule and a access-list from the
>outside.but i can't conect.
>Any Idea??
comp.dcom.sys.cisco is a better place for PIX advice.
There are a number of possible causes for what you describe.
We need to know the PIX software version, the static rule,
the access-list contents, the access-group statement, any
applicable protocol inspection statements, and whether you are
using passive or active ftp. Also, it would help if you were
to push your logging level up to 6 and to present the relevant
log messages.
You may wish to investigate the Cisco PIX 501 Firewall Config Template:
http://articles.techrepublic.com.com/5100-1035_11-6149475.ht ml?tag=nl.e115
and Cisco PIX VPN GUI Config:
http://www.ifm.net.nz/cookbooks/501gui/
Sincerely,
Brad Reese
http://www.BradReese.Com
Cisco routers use TFTP protocoll instead of FTP. Try install in your
network TFTP server & connect to it.
Loki
dospedres wrote:
> We need help to configure a cisco pix firewall to conect to my ftp
> server in the lan, i create a static rule and a access-list from the
> outside.but i can't conect.
>
> Any Idea??
>
> Thanks in advance
>
In article
>dospedres wrote:
>> We need help to configure a cisco pix firewall to conect to my ftp
>> server in the lan, i create a static rule and a access-list from the
>> outside.but i can't conect.
>Cisco routers use TFTP protocoll instead of FTP. Try install in your
>network TFTP server & connect to it.
The Cisco PIX is not a router: it is a firewall. The OP is trying
to configure FTP through the firewall (from outside) to something inside.
By the way, PIX 7.0 and later can configure via FTP.
http://www.cisco.com/univercd/cc/td/doc/product/multisec/asa _sw/v_70/cref_txt/c.htm#wp1970383
On Jan 22, 11:10 pm, rober...@hushmail.com (Walter Roberson) wrote:
> In article
> >dospedres wrote:
> >> We need help to configure a cisco pix firewall to conect to my ftp
> >> server in the lan, i create a static rule and a access-list from the
> >> outside.but i can't conect.
> >Cisco routers use TFTP protocoll instead of FTP. Try install in your
> >network TFTP server & connect to it.
>
> The Cisco PIX is not a router: it is a firewall. The OP is trying
> to configure FTP through the firewall (from outside) to something inside.
>
> By the way, PIX 7.0 and later can configure via FTP.http://www.cisco.com/univercd/cc/td/doc/product/multisec /asa_sw/v_70/...
I suggest you capture the traffic to see whats happening, do the
following
# access-list test permit tcp any
21
# capture test access-list test interface outside
# capture test1 access-list test interface inside
make an ftp attempt to connect
# show capture test { to see if the request packets hits the firewall
external interface }
# show capture test1 { to see if the packet leaves the firewall inside
interface to the ftp server }
you may then check for return traffic to confirm a complete tcp
handshake occurs or not.
ref. http://www.firewallfaqs.com