Cisco ASA 5505 Configuration Manual page 678

Configuring File Access
Configuring the FTP Client Mode
The adaptive security appliance can use FTP to upload or download image files or configuration files to
or from an FTP server. In passive FTP, the client initiates both the control connection and the data
connection. The server, which is the recipient of the data connection in passive mode, responds with the
port number to which it is listening for the specific connection.
To configure the FTP client to be in passive mode, perform the following steps:
From the Configuration > Device Management > Management Access > File Access > FTP Client pane,
Step 1
check Specify FTP mode as passive.
Step 2 Click Apply.
The FTP client configuration is changed and the change is saved to the running configuration.
Configuring the Adaptive Security Appliance as a Secure Copy Server
You can enable the secure copy server on the adaptive security appliance. Only clients that are allowed
to access the adaptive security appliance using SSH can establish a secure copy connection.
This implementation of the secure copy server has the following limitations:
•
•
•
•
•
To configure the adaptive security appliance as a Secure Copy (SCP) server, perform the following steps:
From the Configuration > Device Management > Management Access > File Access > Secure Copy
Step 1
(SCP) Server pane, check Enable secure copy server.
Click Apply.
Step 2
The changes are saved to the running configuration. The adaptive security appliance can function as an
SCP server for transferring files from/to the device.
Configuring the Adaptive Security Appliance as a TFTP Client
TFTP is a simple client/server file transfer protocol described in RFC783 and RFC1350 Rev. 2. You can
configure the adaptive security appliance as a TFTP client so that it can transfer a copy of its running
configuration file to a TFTP server using File > Save Running Configuration to TFTP Client or Tools >
Command Line Interface. In this way, you can back up and propagate configuration files to multiple
adaptive security appliances.
Cisco ASA 5500 Series Configuration Guide using ASDM
32-6
The server can accept and terminate connections for secure copy, but cannot initiate them.
The server does not have directory support. The lack of directory support limits remote client access
to the adaptive security appliance internal files.
The server does not support banners.
The server does not support wildcards.
The adaptive security appliance license must have the VPN-3DES-AES feature to support SSH
version 2 connections.
Chapter 32 Configuring Management Access
OL-20339-01