FTP Outside Access Issues

[j4ck50n]

Long story short: I have my FTP server set up and ready to rock. I have an ASA 5510 which I believe is the culprit to my Outside Access In issues.

DETAILED ISSUE here: I can connect to the FTP server using command line..I can log in and get files (all tested from my home over public internet). I cannot connect via FTP Clietn (Filezilla, IPSwitch), Internet Explorer, Firefox, Windows Explorer. I get the Login Prompt so it's NATing to the inside private device properly.

Maybe an ACL issue - not really sure. I have one ACL entry: access-list outside_acccess_in extended permit tcp any host "ftpserver".

Any suggestions welcome - and let me know if you need any other info. Thanks

PS: I can access the FTP server with any of the above methods LAN-side. Only using command line ftp can I access it from public.

 

[North323]

sounds more application related. ftp is port 20/21, make sure both are open but if you can get via command line, you should be able to application

 

[Viconsul]

You need to specify the tcp port to permit as follows;

access-list outside_acccess_in extended permit tcp any host "ftpserver" eq 20
access-list outside_acccess_in extended permit tcp any host "ftpserver" eq 21

Failing that post a your config.

 

[j4ck50n]

A guy from the Cisco forums solved my issue. I needed to enable FTP inspection under the Default Policy-Map. Now I can hit the root of my FTP server via Web Browser, Windows Explorer, GUI FTP Client, etc from the internet.