Cisco PIX 501

Networks

Collapse -

by -Q-240248 · 17 years ago In reply to Cisco PIX 501

Which direction will the FTP access be needed?

If it's internal ( I am assuming here) then you need to create a CONDUIT or an ACL for that traffic to get in AND you'll need to create a static nat mapping for the FTP server.

If you need to discuss this further, please post on my site:

www.bbfree.com/Tech

Collapse -

by cw · 17 years ago In reply to Cisco PIX 501

I assume you are using access lists. The PIX does not process Access Lists the same as a Cisco router. Your "deny IP any" statement is erroneous, since the PIX blocks by default, anything not specifically permitted. Take it out, and configure your access list like this.

Access-list 101 permit tcp host xxxx(registered address of your FTP server that is specified in your static NAT mappings)any eq FTP

That is the right way.

Hope this helps

Chris Weber CCDP

Collapse -

by cw · 17 years ago In reply to

And be sure to apply your access-list to the outside interface.

access-group 101 in interface outside

Chris Weber CCDP

Collapse -

by Mart H · 17 years ago In reply to

Very helpfull solved the problem..

Collapse -

by Mart H · 17 years ago In reply to Cisco PIX 501

This question was closed by the author

Networks

General discussion

Cisco PIX 501

All Comments

Start or search

Create a new discussion

Post type

Subject title

Topic Tags

Message Body

Track this discussion and email me when there are updates

Related Discussions

Linksys Velop: A simple solution for spotty Wi-Fi

Email Service for gambling marketing

Question on OSI model

Networking

Network Ethernet questions

Related Forums