Forum Discussion
L4L7_53191
Nov 17, 2010Nimbostratus
I think Aaron is right: the FTP server (or proxy or whatever) needs to have an idea that there's an upstream device handling a VIP address.
But I am confused: from what I know, PORT is used only for *active* ftp, as opposed to PASV. It specifies which port the client is supposed to expect traffic on. For example, see the (very good) description of the differences here: http://www.troubleshootingnetworks.com/ftpinfo.html
So if this is the case, it's likely that this is simply a flow issue: active FTP is challenging for firewall setups. The LTM ftp profile accommodates both active/passive FTP, so I actually doubt that this is the issue. I don't know how the proxy may or may not be affecting these flows though, so that could be complicating things!
Good luck,
-Matt