We are setting up a process by which files are uploaded and downloaded to a third party company from their FTP server using FTPs.
I have to create the necessary ACL on our 2801 router to allow this but it's not working how I thought it would. As a start I've added the following line;
access-list 102 permit ip host <ip of remote ftp server> any
The ACL is applied to the external interface of the router as folllows;
ip access-group 102 in
I thought that this would open up the router to allow all traffic to and from the remote ftp server regardless of port number (they use port 2221) but using CuteFTP setup as they recommend will not connect and I can't telnet to it either. Their tech guys say that no packets are even trying to connect so it has to be that our router is still blocking them.