[c-nsp] route-map ftp connection
Kaj Niemi
kajtzu at basen.net
Wed Oct 15 18:34:53 EDT 2008
Hi,
You could try using NBAR on your 2811, for example:
route-map inet permit 100
match protocol ftp
set ...
See http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t8/dtnbarad.htm
for more info :)
On Oct 15, 2008, at 02:53, Dan Letkeman wrote:
> Hello,
>
> I have a route-map on my 2811 router that sets the next hop for ftp
> traffic:
>
> route-map inet permit 100
> match ip address ftp
> set ip next-hop 192.168.11.101
>
> The access list looks like this:
>
> 1 permit tcp any any eq ftp
> 2 permit tcp any any eq ftp-data
> 3 deny ip any any
>
>
> This seem's to work well for active ftp connections but passive ftp
> connections don't seem to make a connection. Is there something else
> I can do to make this work with passive ftp connections?
>
> Thanks,
> Dan.
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
Kaj
--
Kaj J. Niemi
<kajtzu at basen.net>
+358 45 63 12000
More information about the cisco-nsp
mailing list