Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > ASA & FTP Problem

Reply
Thread Tools

ASA & FTP Problem

 
 
R.B.P.
Guest
Posts: n/a
 
      02-06-2006
Hi

After changen from a PIX515 to an ASA5510,
we can't use FTP in active mode from the inside network.
There are no restrictions for inside users.
Anyone her, that can explain why ?

BR

R.B.P.

 
Reply With Quote
 
 
 
 
Merv
Guest
Posts: n/a
 
      02-06-2006

You might want to switch back to the PIX:



Product: Cisco ASA 5500 Series Adaptive Security Appliances
Version:
Revision:
Severity: 1-3
Features: view feature matrix | All Features
Keywords: FTP
Bug Status: Open,Fixed




Severity Bug ID & Title Found-in
Version Fixed-in
Version Status
1 CSCeg06076
Inbound ftp fails with nat 0 acl 7.0(81.152) 7.0(1), 7.0(0.60)
Verified
2 CSCeg00860
XLATE: passive FTP fixup failures 7.0(0.57) Verified
2 CSCef68471
traceback:eip 0x005f8aec obj-f1/snp_api:_snp_inject_new_pkt+40
7.0(0.4 7.0(1), 7.0(0.56) Verified
2 CSCeh07684
F1 traceback doing ftp uauth request with large connections 7.0(0.9
7.0(1), 7.0(0.100) Verified
2 CSCeg77811
PERF:reset not sent to outbound ftp connections 7.0(0.89)
Verified
2 CSCef65106
reload cannot fetch config file from ftp/tftp server 7.0(0.45)
7.0(1), 7.0(0.53) Verified
2 CSCeh08782
FTP traffic should to blocked when url-server is down with filter on
7.0(0.9 7.0(1), 7.0(0.100) Verified
2 CSCeg53134
Deny ftp pages are permitted with websense filtering 7.0(81.204)
7.0(1), 7.0(0.81) Verified
2 CSCef47049
VPNFO: FTP transfer from MS server over VPN doesnt survive failover
7.0(0.41) Verified
2 CSCeg83476
Nessus scan causes F1 traceback 7.0(0.82) Verified
2 CSCeg08485
Commands in second ftp session not working when user already authent
7.0(0.60) 7.0(1), 7.0(0.69) Verified
2 CSCee46124
SSLC:FTP cut-through proxy carsh:file=fornax/tcp.c Thread uauth
7.0(0.9) Verified
2 CSCed66023
Failover and active FTP with PAT not working 1.0 7.0(0.1), 7.0(1),
7.0(0.56) Verified
2 CSCeg10719
IPv6:ASSERT ip.ip_version==IP_VERSION_4 failed in ipv6_types.h 94
7.0(0.60) 7.0(1), 7.0(0.61) Verified
2 CSCeg65024
Traceback in eip printf:_inet_ntop with fixup ftp strict configs
7.0(0.84) 7.0(1), 7.0(0.86) Verified
2 CSCeg31959
FTP failed with ipsec port select and tcp port with lt,gt,range oper
7.0(0.6 7.0(1), 7.0(0.75) Verified
2 CSCef01697
webvpn port forwarding file upload vis secure ftp performance issues
7.0(81.51) 7.0(1), 7.0(0.93) Verified
2 CSCef22244
FTP Fixupassive FTP not working with Interface PAT. 7.0(0.32)
7.0(1), 7.0(0.50) Verified
2 CSCeg68094
VPN: TCP apps are not working on Benetton with IPComp, ping is fine
7.0(81.225) 7.0(1), 7.0(0.8 Verified
2 CSCef42257
TCP data requiring fragmentation is dropped by F1 7.0(0.3 7.0(1),
7.0(0.60) Verified
2 CSCeh21779
FTP conn hang and crash on doing clear loc with A/S fover and IPS
7.0(0.102) 7.0(1), 7.0(0.104) Verified
2 CSCeg06228
FTP connections hang when uauth entry present 7.0(1), 7.0(0.60)
Verified
2 CSCeg01897
Second ftp connection using previous uauth entry when timeout is 0
7.0(0.57) 7.0(1), 7.0(0.59) Verified
2 CSCeg01761
XLATE: active FTP fixup failures 7.0(0.57) Verified
2 CSCef77929
copy run to tftp fails in system context 7.0(0.50) Verified
2 CSCeg53394
Commands in second ftp session not working 7.0(0.80) 7.0(1),
7.0(0.83) Verified
2 CSCei28815
FIN-ACK Dropped even when the Sequence Number is within TCP Window
7.0(1) 7.0(2), 7.0(1.4) Verified
2 CSCeh06623
AAA: aaa hangs secondary FTP connection over VPN tunnel 7.0(1),
7.0(0.99) Verified
2 CSCeh81774
un-NATed ACK packets sent on outside interface 7.0(1) 7.0(2),
7.0(1.2), 7.0(3.1) Verified
2 CSCeh46289
AAA: Block is leaked during authorization 7.0(0.107) 7.0(1),
7.0(0.10, 7.0(3.1) Verified
2 CSCsc90826
PIX 7.0 getting the error %PIX-1-106021 when ip verify command enable
7.0(4) Assigned
2 CSCsc51939
Performance throughput problems through the PIX w/ http inspect enabled
7.0(2) Assigned
2 CSCsc58597
FTP pasv mode file transfer failure using VPN with CSC enabled
7.1(0.133) Verified
3 CSCsc94629
AIC FTP: inspect FTP commands are not applied during reload in Multiple
7.2(0.11) Assigned
3 CSCsc94646
AIC FTP: match not filetype doesnt work as desired in Multiple mode
7.2(0.16) Assigned
3 CSCed86480
Uninitialized variables in capture and FTP inspect 700.0 7.0(0.1),
7.0(1) Verified
3 CSCeg54198
550 message intermittent missing with ftp filtering and aaa authenti
7.0(0.80) Verified
3 CSCeg30227
logging ftp-bufferwrap seems to only have a 12 hour clock 7.0(0.60)
7.0(1), 7.0(0.81) Verified
3 CSCeh07577
FTP data session hangs when established command is configured
7.0(0.97) 7.0(1), 7.0(0.101) Verified
3 CSCee27520
Strict FTP obfuscates SYST reply - doesnt work with Netscape client
7.0 7.0(1), 7.0(0.12), 7.0(0.16) Verified
3 CSCef78134
Blocked FTP auth prompt different than PIX 6.3 7.0(0.121)
Verified
3 CSCsc98248
WCCP service 60 native ftp is not working 7.103 Verified
3 CSCed95893
DIP - FTP mode command broken 7.0(80.211) 7.0(0.1), 7.0(1)
Verified
3 CSCef33231
AAA:Authorzn failed message not displayed for FTP/HTTP sessions.
7.0(0.35) 7.0(1), 7.0(0.81) Verified
3 CSCeh12981
AAA:ftp data connection closed when uauth timeout set to 0 7.0(0.100)
7.0(1), 7.0(0.101) Verified
3 CSCeg85258
Second command in active ftp session not working 7.0(81.245)
7.0(1), 7.0(0.95) Verified
3 CSCef06167
IP audit FTP signatures need to enabled 7.0 7.0(1), 7.0(0.29)
Verified
3 CSCeg86746
FTP filtering with Websense is not filtering 7.0(0.94) 7.0(1),
7.0(0.95) Verified
3 CSCeg07235
AAA must accept numeric value for protocol 7.0 7.0(1), 7.0(0.66)
Verified
3 CSCeg55372
Service resetinbouund (and its default) does not behave as expected
7.0(0.75) 7.0(1), 7.0(0.8 Verified

 
Reply With Quote
 
 
 
 
ss18 ss18 is offline
Junior Member
Join Date: Aug 2006
Posts: 1
 
      08-25-2006
Quote:
Originally Posted by R.B.P.
Hi

After changen from a PIX515 to an ASA5510,
we can't use FTP in active mode from the inside network.
There are no restrictions for inside users.
Anyone her, that can explain why ?

BR

R.B.P.

Did you ever find a fix for this?
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ASA 5510 log messages %ASA-4-419002: Duplicate TCP SYN Tilman Schmidt Cisco 5 02-18-2008 12:07 PM
IPSec PIX 501 - ASA 5510 -> log flooded with %ASA-4-402116 Tilman Schmidt Cisco 0 01-24-2008 10:49 AM
ASA 5505 as hardware vpn client to PIX 501 or ASA 5505 with network extension mode activated bjorn@kumlait.se Cisco 1 06-17-2007 12:43 PM
WCCP on ASA & traffic between physical interfaces on ASA apsolar@gmail.com Cisco 3 02-15-2007 12:16 AM
Net::FTP problems getting files from Windows FTP server, but not Linux FTP Server. D. Buck Perl Misc 2 06-29-2004 02:05 PM



Advertisments