FTP/TLS Access Via PIX 7.2

Discussion in 'Cisco' started by darrenfgreen, Jul 10, 2012.

  1. darrenfgreen

    darrenfgreen Guest

    I've been surfing around to try and work out how to configure a PIX to support FTP/TLS access from an Internet user to a server behind my PIX.

    I can't see any examples of how to configure this but a few posts suggests that the PIX / ASA doesn't support this feature. I understand that the control connection is encrypted resulting in the PIX not been able to see the Data / PASV reply.

    The FTP client is Filezilla.

    Any help in debugging or solving this would be appreciated.


    darrenfgreen, Jul 10, 2012
    1. Advertisements

  2. darrenfgreen

    alex Guest

    Either you open the full range of ports towards the FTP/TLS server (and
    then you have a 1:1 NAT towards that server since you cannot predict in
    advance which port will be used for the data connection ) or yes the PIX
    won't open the hole for the data connection unless it proxies the TLS
    connection but afaik that's done only for the IP phones.

    HTH Ale
    alex, Jul 10, 2012
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.