That is what I meant. I am doing 4 things at the same time. The important thing is the difference of where the ports are opened from. If the clients are on the inside then basic inspection will take care of opening the ports. It doesn't have to be mapped to the FTP protocol. But if clients are outside the firewall then again inspection is important as with the new ftp passive option then the proper inbound client connections can be opened.
Regards, Tyson Scott - CCIE #13513 R&S, Security, and SP Managing Partner / Sr. Instructor - IPexpert, Inc. Mailto: <mailto:[email protected]> [email protected] Telephone: +1.810.326.1444, ext. 208 Live Assistance, Please visit: <http://www.ipexpert.com/chat> www.ipexpert.com/chat eFax: +1.810.454.0130 IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE (R&S, Voice, Security & Service Provider) certification(s) with training locations throughout the United States, Europe, South Asia and Australia. Be sure to visit our online communities at <http://www.ipexpert.com/communities> www.ipexpert.com/communities and our public website at <http://www.ipexpert.com/> www.ipexpert.com From: Vybhav Ramachandran [mailto:[email protected]] Sent: Monday, July 05, 2010 1:19 PM To: Tyson Scott Cc: Kingsley Charles; OSL Security Subject: Re: [OSL | CCIE_Security] Lab 16 task 1.5 MPF for FTP Hello Tyson, http://slacksite.com/other/ftp.html#passive -> This says the data connection is opened by the client to a random port ( that the server returns )? Cheers, TacACK
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
