Hi all,
I've got a scenario where I am deploying Firepower 2110 firewalls running FTD, controlled via FMC.
We have a ruleset that allows FTP control traffic from an internal IP to an external FTP server and this works fine, however the return traffic seems to be dropped. My understanding is that the FTP data return traffic should undergo inspection and be matched back to the command stream that initiated it.
To me this indicates that we've got an issue with the traffic inspection when using PAT (which is the catch-all NAT rule I have in place). Has anyone experienced this before or know any workarounds?
The only thing I can do to get it to work is to add a static NAT rule for the internal IP address, which then must make the FTP inspection possible...
The only thing I can find with my google-fu is ways of disabling the inspection for FTP either via Prefilter or FlexConfig policies, however I'm not convinced this will resolve the issue as surely it's the opposite of what I'm trying to achieve.
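For readers wanting to see concretely what "matched back to the command stream" means, the following is an added model of what an FTP inspection engine does with the control channel; it is example code written for this page, not Cisco/FTD code, and the addresses (10.0.0.5 inside, 198.51.100.2 as the PAT address, 203.0.113.10 as the server) are constructed. It parses the PORT/EPRT commands and the 227/229 replies that announce a data connection, records the pinhole the firewall would have to open for that data flow, and, for active mode behind PAT, rewrites the private address the client embeds in the PORT payload to the mapped address. That last step is the part that only happens when the inspection engine is both running and aware of the NAT translation for the control connection.

```python
"""Model of what an FTP inspection engine does with the control channel.

Added example (not Cisco/FTD code). It parses the FTP commands and replies
that announce a data connection and records the "pinhole" the firewall must
open, plus the payload rewrite needed when the client is behind PAT.
"""
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Pinhole:
    direction: str  # "inbound": server opens the data connection to the client
                    # "outbound": client opens it to the server
    src: str        # expected source "ip:port" (":*" = any port)
    dst: str        # expected destination "ip:port"


def parse_hostport(field: str) -> Tuple[str, int]:
    """Decode the h1,h2,h3,h4,p1,p2 form used by PORT commands and 227 replies."""
    nums = [int(x) for x in field.split(",")]
    if len(nums) != 6 or any(not 0 <= n <= 255 for n in nums):
        raise ValueError(f"bad host-port field: {field!r}")
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]


def format_hostport(ip: str, port: int) -> str:
    """Inverse of parse_hostport."""
    return ",".join(ip.split(".") + [str(port // 256), str(port % 256)])


class FtpInspector:
    """Tracks one control connection from client_ip to server_ip.

    If the client sits behind PAT, mapped_ip/mapped_port (constructed values
    standing in for the firewall's translation) are what the server sees.
    Active-mode PORT/EPRT commands carry the client's private address in the
    payload, so they must be rewritten or the server will try to connect to
    an address it cannot reach.
    """

    def __init__(self, client_ip: str, server_ip: str,
                 mapped_ip: Optional[str] = None, mapped_port: Optional[int] = None):
        self.client_ip, self.server_ip = client_ip, server_ip
        self.mapped_ip, self.mapped_port = mapped_ip, mapped_port
        self.pinholes: List[Pinhole] = []

    def inspect(self, line: str) -> Tuple[str, Optional[Pinhole]]:
        """Return (line as it would be forwarded, pinhole opened or None)."""
        line = line.rstrip("\r\n")
        # Active mode, IPv4: the client tells the server where to connect.
        m = re.fullmatch(r"PORT (\d+(?:,\d+){5})", line)
        if m:
            ip, port = parse_hostport(m.group(1))
            if self.mapped_ip:  # PAT: rewrite payload, pinhole the mapped endpoint
                ip, port = self.mapped_ip, self.mapped_port
                line = f"PORT {format_hostport(ip, port)}"
            return self._open(line, Pinhole("inbound", f"{self.server_ip}:20", f"{ip}:{port}"))
        # Active mode, extended form (RFC 2428): EPRT |1|ip|port|
        m = re.fullmatch(r"EPRT \|1\|([\d.]+)\|(\d+)\|", line)
        if m:
            ip, port = m.group(1), int(m.group(2))
            if self.mapped_ip:
                ip, port = self.mapped_ip, self.mapped_port
                line = f"EPRT |1|{ip}|{port}|"
            return self._open(line, Pinhole("inbound", f"{self.server_ip}:20", f"{ip}:{port}"))
        # Passive mode: the server tells the client where to connect; the
        # client's source address is handled by ordinary NAT, no rewrite needed.
        m = re.fullmatch(r"227 .*\((\d+(?:,\d+){5})\).*", line)
        if m:
            ip, port = parse_hostport(m.group(1))
            return self._open(line, Pinhole("outbound", f"{self.client_ip}:*", f"{ip}:{port}"))
        m = re.fullmatch(r"229 .*\(\|\|\|(\d+)\|\).*", line)
        if m:
            return self._open(line, Pinhole("outbound", f"{self.client_ip}:*",
                                            f"{self.server_ip}:{int(m.group(1))}"))
        return line, None

    def _open(self, line: str, hole: Pinhole) -> Tuple[str, Pinhole]:
        self.pinholes.append(hole)
        return line, hole


if __name__ == "__main__":
    # Constructed session: inside client behind PAT talking to an outside server.
    insp = FtpInspector("10.0.0.5", "203.0.113.10", mapped_ip="198.51.100.2", mapped_port=40001)
    for raw in ("PORT 10,0,0,5,4,1\r\n", "227 Entering Passive Mode (203,0,113,10,195,80).\r\n"):
        forwarded, hole = insp.inspect(raw)
        print(f"{raw.strip()!r} -> forwarded {forwarded!r}; pinhole {hole}")
```

Without the rewrite the server would receive `PORT 10,0,0,5,4,1` and attempt a connection to the private address, which is exactly the inbound data flow that has no matching translation or pinhole when inspection is not tied to the PAT session; a static one-to-one NAT hides the same problem because the embedded port no longer needs translating, only the address.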