Over the past weekend, we changed from an ISP hosted firewall solution, to an internal firewall. In doing so, our outside IP address changed.
On a daily basis, we do quite a few file transfers via every protocol known to man, however FTP/FTPS connections to a few venders are failing with the same error.
The FTP/FTPS servers are using IP filtering as the main filter for security.
We are using an ASA5520 with unrestricted outbound traffic, only filtering incoming.
Currently when connecting to a few FTP/FTPS servers after these changes, we are recieving "Socket Read Error (Winsock Error 10054 WSAECONNRESET)". We are able to connect to the sites, however unable to recieve a directory listing.
To me, this says that they seem to have the FTP port open, however not allowing traffic via the other "FTP" ports. This happens with Five differnt venders, which makes me wonder however if it's something on our side.
I know with my system at home, I am able to just port forward tcp/ftp (Cisco ASA5505) which then opens the other ports "as needed".
Anyone have any ideas?
On a daily basis, we do quite a few file transfers via every protocol known to man, however FTP/FTPS connections to a few venders are failing with the same error.
The FTP/FTPS servers are using IP filtering as the main filter for security.
We are using an ASA5520 with unrestricted outbound traffic, only filtering incoming.
Currently when connecting to a few FTP/FTPS servers after these changes, we are recieving "Socket Read Error (Winsock Error 10054 WSAECONNRESET)". We are able to connect to the sites, however unable to recieve a directory listing.
To me, this says that they seem to have the FTP port open, however not allowing traffic via the other "FTP" ports. This happens with Five differnt venders, which makes me wonder however if it's something on our side.
I know with my system at home, I am able to just port forward tcp/ftp (Cisco ASA5505) which then opens the other ports "as needed".
Anyone have any ideas?
