Re: [fw-wiz] Slow FTP downloads from behind PIX



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Check the duplex settings on all the related links.

- --Trey

Darren Maskowitz wrote:
| I'm having some issues with FTP traffic through our Cisco PIX 515E.
| Our corporate FTP server is located outside the firewall, and we
| recently upgraded the FTP server software. This resulted a noticeable
| increase in the speed uploading files to the server (5 MB/s+). However
| when attempts were made to download files from the server speeds
| average about 300 KB/s, rapidly fluctuating between 30KB/s and 600
| KB/s. Downloading the same file to a server outside our firewall
| resulted in speeds of about 6MB/s.
|
| Looking at the firewall: the default inspection scheme is enabled, and
| the FTP inspection is turned on. The FTP server requires active
| transfer mode, and everything works, albeit slowly. After turning off
| FTP inspection connections to the FTP server did not work until
| enabling passive mode, but that didn't change the speeds at all.
|
| I should probably also mention that the PIX is not doing any NAT. All
| the workstations and servers here have Internet routable IP addresses
| (206.75.x.x).
|
| Any suggestions?
|
| Thanks,
| Darren
| _______________________________________________
| firewall-wizards mailing list
| firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
| https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

- --
++----------------------------------------------------------------------------++
Kingfisher Operations
Trey Darley - Principal
toll-free: 866.703.0660
landline: +1 / 404.455.1516
mobile: +352/621.384.160
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFIUNppQXaSM49tivARAmlLAJ9VOHf7e5CEyB1GkA3npYMT7f2KGgCdFheC
W/ujJXlXSUSXnn1TVmLjqRo=
=TkE3
-----END PGP SIGNATURE-----
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards



Relevant Pages

  • Re: Microsoft FTP Server problem on W2K?
    ... It is a UNISYS ClearPath mainframe system that is trying to FTP using ... passive mode to a MS FTP server. ... Currently the mainframe FTPs in ACTIVE mode. ... Since the mainframe pushes files to our customers over a WAN connection, ...
    (microsoft.public.inetserver.iis.security)
  • RE: FTP Upload
    ... FTP server to the following specified size. ... //set or get the remote path of the FTP server that you want to connect. ... //set the class MessageString. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: FTP Upload
    ... FTP server to the following specified size. ... //set or get the remote path of the FTP server that you want to connect. ... //set the class MessageString. ...
    (microsoft.public.dotnet.framework.aspnet)
  • RE: vsftpd beginners tutorial?
    ... # This file was created to illustrate the steps needed to create a new FTP ... Why vsftpd as this FTP Server? ... System software customization considerations. ... User and Group Configuration ...
    (RedHat)
  • Re: IPSwitch, Inc. WS_FTP Server
    ... > bounce attack as well as PASV connection hijacking. ... > The FTP bounce vulnerability allows a remote attacker to cause the ... > anonymously along with any internal addresses that the FTP server has ... That means it's got to handle a PORT ...
    (Bugtraq)