Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > FTP configuration on router

Reply
Thread Tools

FTP configuration on router

 
 
yellow
Guest
Posts: n/a
 
      08-31-2009
Hi,

Can anyone tell me how to configure the router in order support
workstation behind the router connect to passive FTP.

When the workstation behind the router tried to connect to Active FTP
server, it works. However, when connect to Passive one under IE, after
entered the password, the page didn't show up, stay at 'loading'
state. In my router configure, I already configured INSPECT FTP and
applied to both intside and outside interfaces. I checked the FTP
server end, I can see the workstation successfully login, but unable
to establish data communication channel. I have no problem when using
FTP command under DOS.

Any help is appreciated.

Here's brief configuration

ip inspect name INSPECT_1 ftp
ip inspect name INSPECT_1 tcp
ip inspect name INSPECT_1 udp

interface GigabitEthernet0/1
ip address x.x.x.x
ip inspect INSPECT_1 out

interface Vlan10
ip address x.x.x.x
ip inspect INSPECT_1 out
 
Reply With Quote
 
 
 
 
jrguent@gmail.com
Guest
Posts: n/a
 
      08-31-2009
On Aug 31, 9:32*am, yellow <(E-Mail Removed)> wrote:
> Hi,
>
> Can anyone tell me how to configure the router in order support
> workstation behind the router connect to passive FTP.
>
> When the workstation behind the router tried to connect to Active FTP
> server, it works. However, when connect to Passive one under IE, after
> entered the password, the page didn't show up, stay at 'loading'
> state. In my router configure, I already configured INSPECT FTP and
> applied to both intside and outside interfaces. I checked the FTP
> server end, I can see the workstation successfully login, but unable
> to establish data communication channel. I have no problem when using
> FTP command under DOS.
>
> Any help is appreciated.
>
> Here's brief configuration
>
> ip inspect name INSPECT_1 ftp
> ip inspect name INSPECT_1 tcp
> ip inspect name INSPECT_1 udp
>
> interface GigabitEthernet0/1
> *ip address x.x.x.x
> *ip inspect INSPECT_1 out
>
> interface Vlan10
> *ip address x.x.x.x
> *ip inspect INSPECT_1 out


Hello,

I believe CBAC inspection works in conjunction with an Access Control
List (ACL)
For passive FTP the negotiated data TCP port will be allowed via a
rule created dynamically by the CBAC inspection process

Example found here in OReilly "Cisco Cookbook"

http://books.google.com/books?id=FRE...age&q=&f=false

--Regards
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Setting up a router with 29 Global IPs, BUT can't ping router internal interface from server or server interface from router war_wheelan@yahoo.com Cisco 1 12-14-2005 03:31 PM
sun.net.ftp.FtpProtocolException: Error reading FTP pending reply long990802@gmail.com Java 3 12-11-2005 02:46 AM
ftplib question - ftp.dir() returns something and ftp.nlst() does not Nico Grubert Python 0 11-24-2005 02:00 PM
Net::FTP problems getting files from Windows FTP server, but not Linux FTP Server. D. Buck Perl Misc 2 06-29-2004 02:05 PM
FTP over SSL vs FTP over SSH someone Java 1 04-25-2004 03:30 PM



Advertisments