FTP configuration on router

Discussion in 'Cisco' started by yellow, Aug 31, 2009.

  1. yellow

    yellow Guest

    Hi,

    Can anyone tell me how to configure the router in order support
    workstation behind the router connect to passive FTP.

    When the workstation behind the router tried to connect to Active FTP
    server, it works. However, when connect to Passive one under IE, after
    entered the password, the page didn't show up, stay at 'loading'
    state. In my router configure, I already configured INSPECT FTP and
    applied to both intside and outside interfaces. I checked the FTP
    server end, I can see the workstation successfully login, but unable
    to establish data communication channel. I have no problem when using
    FTP command under DOS.

    Any help is appreciated.

    Here's brief configuration

    ip inspect name INSPECT_1 ftp
    ip inspect name INSPECT_1 tcp
    ip inspect name INSPECT_1 udp

    interface GigabitEthernet0/1
    ip address x.x.x.x
    ip inspect INSPECT_1 out

    interface Vlan10
    ip address x.x.x.x
    ip inspect INSPECT_1 out
     
    yellow, Aug 31, 2009
    #1
    1. Advertising

  2. yellow

    Guest

    On Aug 31, 9:32 am, yellow <> wrote:
    > Hi,
    >
    > Can anyone tell me how to configure the router in order support
    > workstation behind the router connect to passive FTP.
    >
    > When the workstation behind the router tried to connect to Active FTP
    > server, it works. However, when connect to Passive one under IE, after
    > entered the password, the page didn't show up, stay at 'loading'
    > state. In my router configure, I already configured INSPECT FTP and
    > applied to both intside and outside interfaces. I checked the FTP
    > server end, I can see the workstation successfully login, but unable
    > to establish data communication channel. I have no problem when using
    > FTP command under DOS.
    >
    > Any help is appreciated.
    >
    > Here's brief configuration
    >
    > ip inspect name INSPECT_1 ftp
    > ip inspect name INSPECT_1 tcp
    > ip inspect name INSPECT_1 udp
    >
    > interface GigabitEthernet0/1
    >  ip address x.x.x.x
    >  ip inspect INSPECT_1 out
    >
    > interface Vlan10
    >  ip address x.x.x.x
    >  ip inspect INSPECT_1 out


    Hello,

    I believe CBAC inspection works in conjunction with an Access Control
    List (ACL)
    For passive FTP the negotiated data TCP port will be allowed via a
    rule created dynamically by the CBAC inspection process

    Example found here in OReilly "Cisco Cookbook"

    http://books.google.com/books?id=FR...esult&ct=result&resnum=1#v=onepage&q=&f=false

    --Regards
     
    , Aug 31, 2009
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Matt
    Replies:
    2
    Views:
    3,485
  2. Frosty

    ftp://ftp.isc.org

    Frosty, Nov 22, 2006, in forum: Computer Support
    Replies:
    2
    Views:
    1,129
  3. Mike Easter

    Why can't I access ftp://ftp.isc.org/ ?

    Mike Easter, Mar 14, 2007, in forum: Computer Support
    Replies:
    10
    Views:
    913
    Vanguard
    Mar 15, 2007
  4. Replies:
    1
    Views:
    521
    Lutz Donnerhacke
    Sep 13, 2007
  5. inventor1984
    Replies:
    4
    Views:
    1,678
    Dave \Crash\ Dummy
    Dec 21, 2009
Loading...

Share This Page