Howto: Permit active FTP sessions through a Cisco ASA
This information is also available at: http://www.elifulkerson.com/articles/cisco-asa-ftp-fixup-snippet.php and helped me a lot with my FTP problem!
—————
This is a snippet for the Cisco ASA firewall that permits active FTP sessions to pass through. This is the equivalent of the ‘fixup ftp’ commands in previous PIX OS versions. For whatever reason this functionality was no longer enabled by default in my Cisco ASA 5510 [Cisco Adaptive Security Appliance Software Version 7.0(5)].
If you are already using the class-map, policy-map or service-policy commands, this snippet is probably not going to work. You would need to implement similar commands without disrupting the rest of your service policy. In that case, however, you probably should already know what you are doing.
Here is the snippet:
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map asa_global_fw_policy
 class inspection_default
  inspect ftp
!
service-policy asa_global_fw_policy global
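The caveat above about an existing class-map, policy-map or service-policy can be checked against a saved running-config before pasting the snippet. The following Python check is an added example, not part of the original post or of any Cisco tooling; the sample configuration and the name existing_policy are constructed, and it relies on the ASA accepting only one global service-policy.

```python
# Added example, not from the article. Sample config and names are constructed.
SAMPLE_CONFIG = """\
class-map inspection_default
 match default-inspection-traffic
!
policy-map existing_policy
 class inspection_default
  inspect dns
  inspect http
!
service-policy existing_policy global
"""

def parse_policies(config):
    """Return ({policy: set of inspected protocols}, {policy: binding scope})."""
    inspects, bindings, current = {}, {}, None
    for raw in config.splitlines():
        words = raw.split()
        if not words or words[0] == "!":
            continue  # blank lines and "!" separators carry no meaning
        if words[0] == "policy-map":
            # Layer 3/4 maps only; "policy-map type inspect ..." maps are skipped.
            current = words[1] if len(words) == 2 else None
            if current:
                inspects.setdefault(current, set())
        elif words[0] in ("class-map", "service-policy"):
            current = None  # these keywords end any policy-map context
            if words[0] == "service-policy" and len(words) >= 3:
                bindings[words[1]] = " ".join(words[2:])
        elif words[0] == "inspect" and current and len(words) >= 2:
            inspects[current].add(words[1])
    return inspects, bindings

def ftp_fixup_advice(config):
    """Say whether the article's snippet is needed and safe to paste."""
    inspects, bindings = parse_policies(config)
    global_policy = next((p for p, s in bindings.items() if s == "global"), None)
    if global_policy is None:
        return "apply-snippet"      # no global policy yet: snippet fits as-is
    if "ftp" in inspects.get(global_policy, set()):
        return "already-enabled"    # FTP inspection is already active globally
    # A global policy exists: add 'inspect ftp' to it, not a second global one.
    return "extend:" + global_policy

if __name__ == "__main__":
    print(ftp_fixup_advice(SAMPLE_CONFIG))
```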
January 9, 2009 | Posted by admin