Transfering / Backup Cisco Configs from outside IP to internal FTP SERVER through Firewall.
First, you need to allow your Public IP network provided to you from your ISP through your firewall on port 21 (ftp port).
If you do not set the source interface for your FTP communication, the FTP transfer may fail. By default Cisco Routers will use the uplink / outside interface, not the interface with IP addresses assigned to you by your ISP.
Router-INTERNET#sh ip int br
Interface IP-Address OK? Method Status Protocol
Embedded-Service-Engine0/0 unassigned YES NVRAM administratively down down
GigabitEthernet0/0 23.12.143.75 YES NVRAM up up
GigabitEthernet0/1 132.95.160.113 YES NVRAM up up
GigabitEthernet0/2 unassigned YES NVRAM administratively down down
Router-INTERNET#
ISP <---> g0/0---G0/1-->Inside
The command to set a source interface or IP on a cisco Router for backing up to ftp is:
router(config)#ip ftp source-interface GigabitEthernet0/1
router# copy running-config ftp
Now when you copy to your ftp server, it will use the source interface GigabitEthernet0/1 with ip 132.95.160.113, which is your company public IP.
No comments:
Post a Comment