[c-nsp] FTP Problem - Cisco ASA Box
Pekka Savola
pekkas at netcore.fi
Thu Aug 31 00:54:25 EDT 2006
On Wed, 30 Aug 2006, Jason Lixfeld wrote:
> Looks like you modified your policy-maps from the defaults, so try
> adding an inspect ftp to your policy-map and see if that helps.
FWIW, Cisco IOS Firewall's FTP inspection breaks (throughput degraded
to a couple of dozen kilobytes per second) if you're using large TCP
receive buffers (e.g., Linux kernel >=2.6.17) so watch out if you're
using it. A case has been opened but I don't know its status.
--
Pekka Savola "You each name yourselves king, yet the
Netcore Oy kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
More information about the cisco-nsp
mailing list