[c-nsp] Problems downloading from ftp.cisco.com
Geert Nijs
geert.nijs at gmail.com
Fri Apr 23 09:45:07 EDT 2010
Hello all,
A customer of us has a really strange problem. He can't download anything
from ftp.cisco.com
He is sitting behind a Checkpoint Firewall. The Firewall admin says that
everything is configured correctly (we can download from other FTP sites).
I don't even get to the user login prompt ! We only get half a header at
Cisco:
*C:\>ftp ftp.cisco.com*
Connected to ftp.cisco.com.
220- <}======[+]> FTP.CISCO.COM <[+]======={>
220-
-> That's all folks...........
*C:\>ftp ftp.microsoft.com*
Connected to ftp.microsoft.akadns.net.
220 Microsoft FTP Service
*User (ftp.microsoft.akadns.net:(none)): anonymous*
etc...
any ideas ?
We have debugged the issue until this level:
On the DMZ interface of -the same- firewall, it works. MTU of Servers in DMZ
is 1500 (default)
On the Internal interface of -the same- firewall, it doesn't work. The MTU
of the client PCs is set to 1300 (smaller, non-default). There are no MTU
issue up until the
firewall as the network can support MTU 1500
regards,
Geert
More information about the cisco-nsp
mailing list