Open port on firewall to allow access FTP server

Donate Us : paypal.me/MicrosoftLab

Open port on firewall to allow access FTP server

1. Prepare

– DC21 : Domain Controller (pns.vn), IP 10.0.0.21 | DC22 : Terminal Server , IP 10.0.0.22

– ASA : Cisco ASA 8.42 , IP management 10.0.0.100

– DC23 : FTP server , IP 10.0.0.23 | WIN1091 : Client , IP 10.0.2.92 ( LAN2 )

2. Step by step : Open port on firewall to allow WIN1091 access to FTP server ( Port 21 )

– DC22 : Test access FTP server

+ Click File Explorer – ftp://10.0.0.23 === OK

– WIN1091 : Test access FTP server

+ Click File Explorer – ftp://10.0.0.23 === cannot access

+ Start – cmd – ping 10.0.0.23 === OK. Telnet 10.0.0.23 21 === Connect failed

– DC22 : Open port 21 on firewall

+ Access the Cisco ASA using ASDM :

+ Configuration tab – Firewall – Addresses – Add – Network Object… – Name : FTP_Server, IP Adress : 10.0.0.23

+ NAT – Tick “Add Automatic Address Translation Rule” – Type : Static, Translated Addr : Management – Advanced…

– Source Interface : LAN2, Destination Interface : Management – Protocol : tcp, Real Port : ftp, Mapped Port : ftp

+ Service Policy Rules – Add – Interface : LAN2 – Traffic Match Criteria : Default Inspection Traffic – Nextn to Rule Actions : Tick FTP – Finish – Apply

+ Configuration tab – Firewall – Right-click LAN2 – Add Access Rule… :

+ Action : Permit, Source : 10.0.2.91, Destination : FTP_Server, Service : – tcp/21, Description : Access FTP === OK – Apply

– WIN1091 : Test access File Server

+ Start – run – cmd – Telnet 10.0.0.23 21 === OK

+ Click File Explorer – ftp://10.0.0.23 === OK