Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 316
  • Last Modified:

Cisco ACL Question

Hi all,
We are setting up a process by which files are uploaded and downloaded to a third party company from their FTP server using FTPs.
I have to create the necessary ACL on our 2801 router to allow this but it's not working how I thought it would. As a start I've added the following line;

access-list 102 permit ip host <ip of remote ftp server> any

The ACL is applied to the external interface of the router as folllows;

ip access-group 102 in

I thought that this would open up the router to allow all traffic to and from the remote ftp server regardless of port number (they use port 2221) but using CuteFTP setup as they recommend will not connect and I can't telnet to it either. Their tech guys say that no packets are even trying to connect so it has to be that our router is still blocking them.

Any thoughts greatly apprechiated.

Thanks.
0
trifastsystems
Asked:
trifastsystems
  • 2
1 Solution
 
that1guy15Commented:
If you are adding the permit statement to an ACL that is already on the router then it will be added to the bottom of the list (or last statement applied) and any statement above it  could be denying FTP already. Check to make sure no other statement is blocking FTP. IF so either remove it or reenter the access list with the allow above it.
0
 
trifastsystemsAuthor Commented:
Whenever I edit an ACL I always copy the whole thing to a text file, add what I want at the point I want it and then remove the whole ACL from the router before pasting in the new one.

I've tried adding the line at the top of the list but no joy.
0
 
JFrederick29Commented:
This is an outbound connection from you through your 2801 to them, right?  Can you post the router config?
0
 
trifastsystemsAuthor Commented:
I've just got it working.

Thought I'd try putting it at the top of the list again just to be sure and bosh.......it connected. I must have been doing something else wrong when I tried first time.

Point to you that1guy15.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now