Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


how to open up Port 21 ftp on pix 501

Posted on 2005-03-08
Medium Priority
Last Modified: 2007-02-13
What is the command to open up port 21 on a pix firewall ?

I am unable to post the current config, now cus im not there yet.

They have a fixed ip adress.

What the client wants to accomplish is to access a ftp server download price lists, and upload their orders to that same
ftp server.

Question by:daxa78
LVL 32

Accepted Solution

harbor235 earned 1000 total points
ID: 13486396
Are you doing NAT?  You need to add an entry to your access-list:

access-list <number> permit tcp <source_address> <netmask> <destination_ip> <netmask> eq 21
you will need port 20 as well

access-list <number> permit tcp <source_address> <netmask> <destination_ip> <netmask> eq 20

You may also need a translation from the public IP to your private(nat'd) IP:

static (inside,outside) tcp x.x.x.x 21 y.y.y.y 21 netmask 0 0


Assisted Solution

russfly earned 1000 total points
ID: 13514476

3 assumptions here:
  xxx.xxx.xxx.0 = External IP address you want to use for ftp = Internal IP address of the email server that needs to receive the ftp traffic
  fixup protocol ftp 21 = is already configured on the firewall

First you would want to create an access list:
  access-list acl_out permit tcp any host xxx.xxx.xxx.0 eq ftp

Next you will need to create a static statement defining where the traffic needs to go:
  static (inside,outside) xxx.xxx.xxx.0 netmask 0 0

Finally, you want the firewall to use the access list you created which limits access to ftp:
  access-group acl_out in interface outside

Hope that helps!

Featured Post


Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Many of the companies I’ve worked with have embraced cloud solutions due to their desire to “get out of the datacenter business.” The ability to achieve better security and availability, and the speed with which they are able to deploy, is far grea…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses
Course of the Month11 days, 23 hours left to enroll

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question