We help IT Professionals succeed at work.

Change PIX 515e config to allow FTP server

wallis34
wallis34 asked
on
I need to change the config on our Cisco PIX 515e firewall Version 6.3 (4). There is already entries to allow access to FTP server. I have installed a new ftp server and need to delete the existing entries and add the new. What i am unsure of is how to delete the existing entries. Here they are:

access-list outside_access_in permit tcp any host 67.88.56.134 eq ftp
access-list outside_access_in remark FTP-DATA to LSI-4PB8Y41
access-list outside_access_in permit tcp any host 67.88.56.134 eq ftp-data

static (inside,outside) 67.88.56.134 LSI-4PB8Y41 netmask 255.255.255.255 0 0

TIA!

Bill
Comment
Watch Question

Gary ColtharpSr. Systems Engineer

Commented:
get in to enable mode and put a no in front of those lines.
Head of IT Security Division
CERTIFIED EXPERT
Top Expert 2010
Commented:
Hi,

you need:

no access-list outside_access_in permit tcp any host 67.88.56.134 eq ftp
no access-list outside_access_in remark FTP-DATA to LSI-4PB8Y41
no access-list outside_access_in permit tcp any host 67.88.56.134 eq ftp-data

no static (inside,outside) 67.88.56.134 LSI-4PB8Y41 netmask 255.255.255.255 0 0

clear xlate
Istvan KalmarHead of IT Security Division
CERTIFIED EXPERT
Top Expert 2010

Commented:
clear xlate need to delete the nat statement from memory
wallis34sysadmin

Author

Commented:
Thanks for the quick response!

Explore More ContentExplore courses, solutions, and other research materials related to this topic.