Hello,
I'm working with a company that manages our timeclocks. (badge based system...not important.) What is important, is that in order for the clocks to do a firmware update, supposedly, the company makes an ftp connection to the clocks. Like, wan -> lan, tcp 21 -> 1:65535. Which is essentially how I have it configured.
Src : Zone -> WAN, Networks->Their IP address
Dest: Zone->LAN,Networks->Ip range of timeclocks
Services: TCP&UDP 1:65535->21:22,TCP&UDP 21:22->1:65535
Not matching users.
No web malware / content scanning boxes checked.
IP: WAN TO LAN
No traffic shaping, Web Policy->Allow All, Application Control->Allow All
Using standard MASQ
Firewall log picks up the traffic, but says it cannot associate packet to an connection, which I don't know what to do with.
The log entry matches my rule entry exactly, yet, still doesn't allow it through.
----------------Ex.---------------
time log type Action in interface src ip dest ip src port dest port protocol message
2019-06-06 10:31:34 Invalid Traffic Denied Port2 **Company IP** **My GatewayIP** 21 40289 TCP Could not associate packet to any
---------------------------------
Any help would be very much appreciated.
Regards,
Dan
This thread was automatically locked due to age.
