[Webinar] Streamline your web hosting managementRegister Today

x
?
Solved

Inbound ACIVE and PASSIVE FTP on ASA firewall code 8.2(2)

Posted on 2010-11-15
2
Medium Priority
?
2,761 Views
Last Modified: 2012-05-10
how do i enable ACTIVE and PASSIVE inbound FTP through ASA firewall.. I have gone through majority of online documents and cant seem to figure it out.. Please assist

I get the following errors when i try the passive FTP.. i have tried with inspect on and inspect off.. same results.. I know what the error means.. I want a work around that if any..

2010-11-04 16:12:05      Local7.Warning      fwea01-a      Nov 04 2010 16:12:03: %ASA-4-406002: FTP port command different address: 10.60.x.x(External IP) to 192.168.x.x on interface INSIDE
2010-11-04 16:12:05      Local7.Warning      fwea01-a      Nov 04 2010 16:12:03: %ASA-4-507003: tcp flow from ISA-Vlan:192.168.x.x0/19600 to INSIDE:10.60.x.x/21 terminated by inspection engine, reason - inspector drop reset.
0
Comment
Question by:hkdv
  • 2
2 Comments
 

Accepted Solution

by:
hkdv earned 0 total points
ID: 34249181
This was done by disabling inspect for the entire flow on the firewall.
0
 

Author Closing Comment

by:hkdv
ID: 34249200
This was done by disabling inspect for the entire flow on the firewall.
0

Featured Post

SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
As many of you are aware about Scanpst.exe utility which is owned by Microsoft itself to repair inaccessible or damaged PST files, but the question is do you really think Scanpst.exe is capable to repair all sorts of PST related corruption issues?
Suggested Courses

607 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question