Solved

Inbound ACIVE and PASSIVE FTP on ASA firewall code 8.2(2)

Posted on 2010-11-15
2
2,649 Views
Last Modified: 2012-05-10
how do i enable ACTIVE and PASSIVE inbound FTP through ASA firewall.. I have gone through majority of online documents and cant seem to figure it out.. Please assist

I get the following errors when i try the passive FTP.. i have tried with inspect on and inspect off.. same results.. I know what the error means.. I want a work around that if any..

2010-11-04 16:12:05      Local7.Warning      fwea01-a      Nov 04 2010 16:12:03: %ASA-4-406002: FTP port command different address: 10.60.x.x(External IP) to 192.168.x.x on interface INSIDE
2010-11-04 16:12:05      Local7.Warning      fwea01-a      Nov 04 2010 16:12:03: %ASA-4-507003: tcp flow from ISA-Vlan:192.168.x.x0/19600 to INSIDE:10.60.x.x/21 terminated by inspection engine, reason - inspector drop reset.
0
Comment
Question by:hkdv
  • 2
2 Comments
 

Accepted Solution

by:
hkdv earned 0 total points
ID: 34249181
This was done by disabling inspect for the entire flow on the firewall.
0
 

Author Closing Comment

by:hkdv
ID: 34249200
This was done by disabling inspect for the entire flow on the firewall.
0

Featured Post

Active Directory Webinar

We all know we need to protect and secure our privileges, but where to start? Join Experts Exchange and ManageEngine on Tuesday, April 11, 2017 10:00 AM PDT to learn how to track and secure privileged users in Active Directory.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Assymetric routing asa 4 44
Using PowerShell for Windows Firewall #2 21 683
PCAnywhere 2 136
Need assistance with Windows Firewall rules 6 60
Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question