Great Circle Associates Firewalls
(March 1993)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: Packet filtering and FTP
From: bdboyle @ maverick1 . erenj . com (Bryan D. Boyle)
Date: Tue, 16 Mar 1993 20:25:38 -0500
To: "David I. Dalva" <dave @ TIS . COM>, firewalls @ GreatCircle . COM
In-reply-to: "David I. Dalva" <dave @ TIS . COM> "Packet filtering and FTP" (Mar 16, 5:29pm)
Posted-date: Tue, 16 Mar 1993 20:25:38 -0500
References: <9303162230 . AA09412 @ TIS . COM>

On Mar 16,  5:29pm, "David I. Dalva" wrote:
> Subject: Packet filtering and FTP
> Summary: Cisco "established" keyword breaks FTP-DATA.
> 
> I am having FTP trouble when I configure my Cisco to only permit established
> TCP connections above port 1024.  When a new (random) port is created for
> FTP-DATA (e.g., as the result of a "dir"), the Cisco prohibits the connection
> since it doesn't meet the "established" criteria.
> 
> Does anybody know what the port range is for randomly allocated ports, or
> another way to get around this problem?
> 
> Dave Dalva <dave @
 tis .
 com>
> Trusted Information Systems, Inc.
> Glenwood, MD  21738
> +1 301 854-6889
> +1 301 854-5363 FAX
>-- End of excerpt from "David I. Dalva"


dave:
talk to one of your associates, marcus ranum...I am sure he has some ideas
along this line...

-- 
Bryan D. Boyle              |Physical: Exxon Research, Annandale, NJ 08801
#include <disclaimer>       |Logical: bdboyle @
 erenj .
 com
<     USENET: Post to exotic, distant machines.  Meet exciting,      >
<                 unusual people.  And flame them.                   >



References:
Indexed By Date Previous: Re: Packet filtering and FTP
From: smb @ research . att . com
Next: Firewalls and NFS
From: chris @ visionware . co . uk (Chris Davies)
Indexed By Thread Previous: Packet filtering and FTP
From: "David I. Dalva" <dave @ TIS . COM>
Next: Re: Packet filtering and FTP
From: Brent Chapman <brent @ GreatCircle . COM>

Google
 
Search Internet Search www.greatcircle.com