
How to Permit active FTP sessions through a Cisco ASA

This is a snippet for the Cisco ASA firewall that permits active FTP sessions to pass through. It is the equivalent of the ‘fixup ftp’ commands of the previous PIX OS versions. For whatever reason this functionality was no longer enabled by default in my Cisco ASA 5510 [Cisco Adaptive Security Appliance Software Version 7.0(5)].

If you are already using the class-map, policy-map or service-policy commands, this snippet is probably not going to work. You would need to implement similar commands without disrupting the rest of your service policy. In that case, however, you should probably already know what you are doing.

Here is the snippet:

class-map inspection_default
 match default-inspection-traffic
!
!
policy-map asa_global_fw_policy
 class inspection_default
  inspect ftp
!
service-policy asa_global_fw_policy global


Posted by Editor on July 2, 2009 at 1:38 am
