Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 30 subscribers
  • Views 1477 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Cannot browse FTP directory since installing a Sophos XGS

josh macde

I'm trying to connect to an external FTP Server from inside the office, but the Sophos XGS isn't allowing this. It's allowing the initial connection to happen, but is blocking any further traffic with "Could not associate packet to any connecMobdro tion"

I'm sure this has something to do with the way FTP uses random ports, but have no idea how to solve the issue. I've triel creating a rule allowing all traffic in from the FTP's IP address but still no luck.VidMate 

Any advice would really be appreciated.



This thread was automatically locked due to age.
  • 0

    Hi,

    you need an outgoing rule, not an incoming rule.The firewall will associate the returning traffic with outgoing requests and pass it through. 

    Ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • 0

    There is sometimes a issue with the firewall itself called ftp bounce attack. community.sophos.com/.../ftp-passive-mode

    __________________________________________________________________________________________________________________

  • 0

    Just create a business rule on firewall page .

    Source > WAN

    Destination > Your WAN Port

    Services > Create New >

    TCP - Source: 1:65535 - Destination 21

    TCP - Source: 1:65535 - Destination 990

    TCP - Source: 1:65535 - Destination 50000:51000 (don't forget the set filezilla passive port to 50000:51000)

    Forward to > Protected Server: (Your ftp server) - Protected Zone: LAN

    Tick >Create Reflexive Rule

    Open console > 4. Device Console >

    set advanced-firewall ftpbounce-prevention data 

    It works perfectly on me. 

    -----------------------

    Thank & Regards,

    Nilesh Mojidra

    If a post solves your question, use the 'Verify Answer' link.

Cookie Information Banner