Reflexive ACLs and FTP.

From: Ralph (Mandela@myrealbox.com)
Date: Tue Nov 29 2005 - 19:06:47 GMT-3

• Next message: Imal kalutotage: "CCIE 15471 from Sri lanka..Qatar..Brussales"
• Previous message: Brian Dennis: "RE: Internetworkexpert Workbook Order"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Guys:

There are obvioulsly some restrictions with using reflexive acls with applications that changes port numbers during a session; a good example of that type of application is FTP.

Here is a quote from the doc cd:

"The TCP application of FTP is an example of an application with changing port numbers. With reflexive access lists, if you start an FTP request from within your network, the request will not complete. Instead, you must use Passive FTP when originating requests from within your network"

My question is this:

What is the best way to configure a passive FTP traffic using an Access-list for use in a reflexive ACL?

Many Thanks
Ralph

• Next message: Imal kalutotage: "CCIE 15471 from Sri lanka..Qatar..Brussales"
• Previous message: Brian Dennis: "RE: Internetworkexpert Workbook Order"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Dec 01 2005 - 09:12:08 GMT-3