Re: [OSL | CCIE_Security] FTP

[Eugene Pefti]

That's true. There are some gotchas with active/passive FTP and ASA inspection. 
We already discussed it here, I.e. Inbound Active FTP should work without an 
inspection because the data connection is initiated by the server and it is 
traffic from high security to lower security

From: waleed ' <walleed...@hotmail.com<mailto:walleed...@hotmail.com>>
Date: Thursday, July 5, 2012 10:00 AM
To: "mike_c...@hotmail.com<mailto:mike_c...@hotmail.com>" 
<mike_c...@hotmail.com<mailto:mike_c...@hotmail.com>>, 
"jo...@isc.co.za<mailto:jo...@isc.co.za>" 
<jo...@isc.co.za<mailto:jo...@isc.co.za>>, CCIE Security 
<ccie_security@onlinestudylist.com<mailto:ccie_security@onlinestudylist.com>>
Subject: Re: [OSL | CCIE_Security] FTP


I think he must to tell type of ftp service passive or active
Regards
________________________________
From: mike_c...@hotmail.com<mailto:mike_c...@hotmail.com>
To: jo...@isc.co.za<mailto:jo...@isc.co.za>; 
ccie_security@onlinestudylist.com<mailto:ccie_security@onlinestudylist.com>
Date: Thu, 5 Jul 2012 10:56:05 -0600
Subject: Re: [OSL | CCIE_Security] FTP

Johan,

By default the ASA has the inspection for FTP configure, so the data port will 
open the data channel dynamically, hence you only need FTP.

Mike

________________________________
From: jo...@isc.co.za<mailto:jo...@isc.co.za>
To: ccie_security@onlinestudylist.com<mailto:ccie_security@onlinestudylist.com>
Date: Thu, 5 Jul 2012 08:02:04 +0200
Subject: [OSL | CCIE_Security] FTP


Hi,



When asked to allow ftp to a host. Do I allow ftp-data and ftp or only ftp.



I see some solutions allow both others only ftp.



Thanks



Johan





_______________________________________________ For more information regarding 
industry leading CCIE Lab training, please visit www.ipexpert.com Are you a 
CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com

_______________________________________________ For more information regarding 
industry leading CCIE Lab training, please visit www.ipexpert.com Are you a 
CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com

_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit 
www.ipexpert.com

Are you a CCNP or CCIE and looking for a job? Check out 
www.PlatinumPlacement.com