ASA & FTP Problem

Discussion in 'Cisco' started by R.B.P., Feb 6, 2006.

  1. R.B.P.

    R.B.P. Guest

    Hi

    After changen from a PIX515 to an ASA5510,
    we can't use FTP in active mode from the inside network.
    There are no restrictions for inside users.
    Anyone her, that can explain why ?

    BR

    R.B.P.
     
    R.B.P., Feb 6, 2006
    #1
    1. Advertising

  2. R.B.P.

    Merv Guest

    You might want to switch back to the PIX:



    Product: Cisco ASA 5500 Series Adaptive Security Appliances
    Version:
    Revision:
    Severity: 1-3
    Features: view feature matrix | All Features
    Keywords: FTP
    Bug Status: Open,Fixed




    Severity Bug ID & Title Found-in
    Version Fixed-in
    Version Status
    1 CSCeg06076
    Inbound ftp fails with nat 0 acl 7.0(81.152) 7.0(1), 7.0(0.60)
    Verified
    2 CSCeg00860
    XLATE: passive FTP fixup failures 7.0(0.57) Verified
    2 CSCef68471
    traceback:eip 0x005f8aec obj-f1/snp_api:_snp_inject_new_pkt+40
    7.0(0.48) 7.0(1), 7.0(0.56) Verified
    2 CSCeh07684
    F1 traceback doing ftp uauth request with large connections 7.0(0.98)
    7.0(1), 7.0(0.100) Verified
    2 CSCeg77811
    PERF:reset not sent to outbound ftp connections 7.0(0.89)
    Verified
    2 CSCef65106
    reload cannot fetch config file from ftp/tftp server 7.0(0.45)
    7.0(1), 7.0(0.53) Verified
    2 CSCeh08782
    FTP traffic should to blocked when url-server is down with filter on
    7.0(0.98) 7.0(1), 7.0(0.100) Verified
    2 CSCeg53134
    Deny ftp pages are permitted with websense filtering 7.0(81.204)
    7.0(1), 7.0(0.81) Verified
    2 CSCef47049
    VPNFO: FTP transfer from MS server over VPN doesnt survive failover
    7.0(0.41) Verified
    2 CSCeg83476
    Nessus scan causes F1 traceback 7.0(0.82) Verified
    2 CSCeg08485
    Commands in second ftp session not working when user already authent
    7.0(0.60) 7.0(1), 7.0(0.69) Verified
    2 CSCee46124
    SSLC:FTP cut-through proxy carsh:file=fornax/tcp.c Thread uauth
    7.0(0.9) Verified
    2 CSCed66023
    Failover and active FTP with PAT not working 1.0 7.0(0.1), 7.0(1),
    7.0(0.56) Verified
    2 CSCeg10719
    IPv6:ASSERT ip.ip_version==IP_VERSION_4 failed in ipv6_types.h 94
    7.0(0.60) 7.0(1), 7.0(0.61) Verified
    2 CSCeg65024
    Traceback in eip printf:_inet_ntop with fixup ftp strict configs
    7.0(0.84) 7.0(1), 7.0(0.86) Verified
    2 CSCeg31959
    FTP failed with ipsec port select and tcp port with lt,gt,range oper
    7.0(0.68) 7.0(1), 7.0(0.75) Verified
    2 CSCef01697
    webvpn port forwarding file upload vis secure ftp performance issues
    7.0(81.51) 7.0(1), 7.0(0.93) Verified
    2 CSCef22244
    FTP Fixup:passive FTP not working with Interface PAT. 7.0(0.32)
    7.0(1), 7.0(0.50) Verified
    2 CSCeg68094
    VPN: TCP apps are not working on Benetton with IPComp, ping is fine
    7.0(81.225) 7.0(1), 7.0(0.88) Verified
    2 CSCef42257
    TCP data requiring fragmentation is dropped by F1 7.0(0.38) 7.0(1),
    7.0(0.60) Verified
    2 CSCeh21779
    FTP conn hang and crash on doing clear loc with A/S fover and IPS
    7.0(0.102) 7.0(1), 7.0(0.104) Verified
    2 CSCeg06228
    FTP connections hang when uauth entry present 7.0(1), 7.0(0.60)
    Verified
    2 CSCeg01897
    Second ftp connection using previous uauth entry when timeout is 0
    7.0(0.57) 7.0(1), 7.0(0.59) Verified
    2 CSCeg01761
    XLATE: active FTP fixup failures 7.0(0.57) Verified
    2 CSCef77929
    copy run to tftp fails in system context 7.0(0.50) Verified
    2 CSCeg53394
    Commands in second ftp session not working 7.0(0.80) 7.0(1),
    7.0(0.83) Verified
    2 CSCei28815
    FIN-ACK Dropped even when the Sequence Number is within TCP Window
    7.0(1) 7.0(2), 7.0(1.4) Verified
    2 CSCeh06623
    AAA: aaa hangs secondary FTP connection over VPN tunnel 7.0(1),
    7.0(0.99) Verified
    2 CSCeh81774
    un-NATed ACK packets sent on outside interface 7.0(1) 7.0(2),
    7.0(1.2), 7.0(3.1) Verified
    2 CSCeh46289
    AAA: Block is leaked during authorization 7.0(0.107) 7.0(1),
    7.0(0.108), 7.0(3.1) Verified
    2 CSCsc90826
    PIX 7.0 getting the error %PIX-1-106021 when ip verify command enable
    7.0(4) Assigned
    2 CSCsc51939
    Performance throughput problems through the PIX w/ http inspect enabled
    7.0(2) Assigned
    2 CSCsc58597
    FTP pasv mode file transfer failure using VPN with CSC enabled
    7.1(0.133) Verified
    3 CSCsc94629
    AIC FTP: inspect FTP commands are not applied during reload in Multiple
    7.2(0.11) Assigned
    3 CSCsc94646
    AIC FTP: match not filetype doesnt work as desired in Multiple mode
    7.2(0.16) Assigned
    3 CSCed86480
    Uninitialized variables in capture and FTP inspect 700.0 7.0(0.1),
    7.0(1) Verified
    3 CSCeg54198
    550 message intermittent missing with ftp filtering and aaa authenti
    7.0(0.80) Verified
    3 CSCeg30227
    logging ftp-bufferwrap seems to only have a 12 hour clock 7.0(0.60)
    7.0(1), 7.0(0.81) Verified
    3 CSCeh07577
    FTP data session hangs when established command is configured
    7.0(0.97) 7.0(1), 7.0(0.101) Verified
    3 CSCee27520
    Strict FTP obfuscates SYST reply - doesnt work with Netscape client
    7.0 7.0(1), 7.0(0.12), 7.0(0.16) Verified
    3 CSCef78134
    Blocked FTP auth prompt different than PIX 6.3 7.0(0.121)
    Verified
    3 CSCsc98248
    WCCP service 60 native ftp is not working 7.103 Verified
    3 CSCed95893
    DIP - FTP mode command broken 7.0(80.211) 7.0(0.1), 7.0(1)
    Verified
    3 CSCef33231
    AAA:Authorzn failed message not displayed for FTP/HTTP sessions.
    7.0(0.35) 7.0(1), 7.0(0.81) Verified
    3 CSCeh12981
    AAA:ftp data connection closed when uauth timeout set to 0 7.0(0.100)
    7.0(1), 7.0(0.101) Verified
    3 CSCeg85258
    Second command in active ftp session not working 7.0(81.245)
    7.0(1), 7.0(0.95) Verified
    3 CSCef06167
    IP audit FTP signatures need to enabled 7.0 7.0(1), 7.0(0.29)
    Verified
    3 CSCeg86746
    FTP filtering with Websense is not filtering 7.0(0.94) 7.0(1),
    7.0(0.95) Verified
    3 CSCeg07235
    AAA must accept numeric value for protocol 7.0 7.0(1), 7.0(0.66)
    Verified
    3 CSCeg55372
    Service resetinbouund (and its default) does not behave as expected
    7.0(0.75) 7.0(1), 7.0(0.88) Verified
     
    Merv, Feb 6, 2006
    #2
    1. Advertising

  3. R.B.P.

    ss18

    Joined:
    Aug 25, 2006
    Messages:
    1

    Did you ever find a fix for this?
     
    ss18, Aug 25, 2006
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Arek Czereszewski

    Very slow ftp on ASA 5510

    Arek Czereszewski, Aug 8, 2006, in forum: Cisco
    Replies:
    1
    Views:
    3,368
  2. Frosty

    ftp://ftp.isc.org

    Frosty, Nov 22, 2006, in forum: Computer Support
    Replies:
    2
    Views:
    1,251
  3. Mike Easter

    Why can't I access ftp://ftp.isc.org/ ?

    Mike Easter, Mar 14, 2007, in forum: Computer Support
    Replies:
    10
    Views:
    1,007
    Vanguard
    Mar 15, 2007
  4. Replies:
    1
    Views:
    612
    Lutz Donnerhacke
    Sep 13, 2007
  5. inventor1984
    Replies:
    4
    Views:
    1,801
    Dave \Crash\ Dummy
    Dec 21, 2009
Loading...

Share This Page