Not able to access FTP site behind PIX firewall

Posted on 2008-10-30
Last Modified: 2013-12-02
I published one FTP in IIS and it is working fine locally. If I try to access from out side, i am getting error " permission problem"  I installed filezilla FTP client and I got the below error:
Status:      Connecting to
Status:      Connection established, waiting for welcome message...
Response:      220 Microsoft FTP Service
Command:      USER anonymous
Response:      331 Anonymous access allowed, send identity (e-mail name) as password.
Command:      PASS **************
Response:      230 Anonymous user logged in.
Command:      SYST
Response:      215 Windows_NT
Command:      FEAT
Response:      211-FEAT
Response:          SIZE
Response:          MDTM
Response:      211 END
Status:      Connected
Status:      Retrieving directory listing...
Command:      PWD
Response:      257 "/" is current directory.
Command:      TYPE I
Response:      200 Type set to I.
Command:      PASV
Response:      227 Entering Passive Mode (192,168,1,9,5,5).
Status:      Server sent passive reply with unroutable address. Using server address instead.
Command:      LIST
Response:      425 Can't open data connection.
Error:      Failed to retrieve directory listing
I already forwarded ports 21 and 20 in pix to local FTP server.
What extra settings I need to access the FTP from outside through IE or Windows Explorer.

Question by:osigrp

Expert Comment

ID: 22839146
Ftp uses more ports then 20 and 21, in your case i guess you need to forward port 1023 also.
You can also look at your pix log, to see why the connection is dropped.
see this article for more information on port use of FTP

Author Comment

ID: 22839268
But How I can see the pix log?? any commands?

Accepted Solution

bml104 earned 500 total points
ID: 22840328
assuming you have not internal access-list

fixup protocol ftp

Expert Comment

ID: 24807653
Thanks. "fixup protocol ftp" worked for me.

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently updated from an old PIX platform to the new ASA platform.  While upgrading, I was tremendously confused about how the VPN and AnyConnect licensing works.  It turns out that the ASA has 3 different VPN licensing schemes. "site-to-site" …
Preface There are many applications where some computing systems need have their system clocks running synchronized within a small margin and eventually need to be in sync with the global time. There are different solutions for this, i.e. the W3…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
A company’s greatest vulnerability is their email. CEO fraud, ransomware and spear phishing attacks are the no1 threat to a company’s security. Cybercrime is responsible for the largest loss of money to companies today with losses projected to r…

948 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now