Pix firewalls and FTP - "ftp", or "ftpdata"

Discussion in 'Cisco' started by thefunnel@aol.com, Sep 13, 2007.

  1. Guest

    Hi,

    I would like to allow FTP access to a host on the inside of my Pix
    525. I notice I can configure an access rule (via PDM). I notice I can
    choose from "ftp" and "ftpdata" on the list of predefined services? Im
    guessing this is ports 20 and 21. Unfortunately I can only choose one
    at a time without creating a "service group" and adding both. This
    seems a bit excessive as I thought FTP would be a common service to
    allow inbound . Can I get away with just adding "ftp" or JUST
    "ftpdata"

    Many thanks,

    Paul
     
    , Sep 13, 2007
    #1
    1. Advertising

  2. * wrote:
    > I would like to allow FTP access to a host on the inside of my Pix
    > 525. I notice I can configure an access rule (via PDM). I notice I can
    > choose from "ftp" and "ftpdata" on the list of predefined services? Im
    > guessing this is ports 20 and 21.


    Only allow ftp (21/TCP). The other ports are automatically opened by the PIX
    using fixup ftp or inspect ftp (which is default).
     
    Lutz Donnerhacke, Sep 13, 2007
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. meme
    Replies:
    3
    Views:
    622
    Hugo Drax
    Jul 7, 2004
  2. Fred Knobles
    Replies:
    3
    Views:
    824
    Sam Wilson
    Jul 23, 2004
  3. Replies:
    5
    Views:
    7,716
    Walter Roberson
    May 3, 2005
  4. Rich
    Replies:
    0
    Views:
    490
  5. ciscoham
    Replies:
    2
    Views:
    563
    ciscoham
    Nov 15, 2005
Loading...

Share This Page