Cisco Cisco Web Security Appliance S690 User Guide

Authentication Format

Choose the authentication format the FTP Proxy uses when communicating 
with FTP clients. For more information, see 

.

Passive Mode Data Port 
Range

Specify a range of TCP ports FTP clients should use to establish a data 
connection with the FTP Proxy for passive mode connections.

Default is 11000-11009.

Active Mode Data Port 
Range

Specify a range of TCP ports FTP servers should use to establish a data 
connection with the FTP Proxy for active mode connections. This setting 
applies to both native FTP and FTP over HTTP connections. 

Default is 12000-12099. 

You might want to increase the port range in this field to accommodate more 
requests from the same FTP server. Because of the TCP session 
TIME-WAIT delay (usually a few minutes), a port does not become 
available again for the same FTP server immediately after being used. As a 
result, any given FTP server cannot connect to the FTP Proxy in active 
mode more than n times in a short period of time, where n is the number of 
ports specified in this field. 

Welcome Banner

Choose which welcome message should appear in FTP clients:

FTP server message. The FTP server message only displays for 
transparently redirected connections. When a native FTP connection is 
explicitly sent to the FTP Proxy, the FTP client displays a message 
predefined by the FTP Proxy.

Custom message. Enter a message to display for all native FTP 
connections.