Dear all!
On my XGv15MR3 Home, I've configured a Non-HTTP based Business Application Rule for making my internal FTP Server publicly accessible. As far as I could find information, there is a "nearly undocumented" FTP-Helper, which is automatically running, so creating the Business Application Rule for only Port 21 should be sufficient.
Some tests proved the FTP communication is working with smaller files. If I wanted to transfer larger files (for example, a 3.5GB ISO), my client terminated the connection after transferring about 15%. Error message:
Timeout detected. (control connection)
Copying files to remote side failed.
In the security log files, I can find some log entries which look like the following:
2016-08-18 13:46:45 Invalid Traffic Denied - 0 Port1 - <IP_of_internal_FTP_SERVER> :TCP(55023) <public_ip_of_FTP-Client> :TCP(30065)
Port 55023 is in the range which I configured my FTP Server to use as High Ports. I tried manually to create an outgoing Firewall Rule for enabling this kind of traffic. This rule was never used by the firewall, and the traffic was dropped as invalid traffic anyway.
I also tried to set the option set advanced-firewall ftpbounce-prevention data, which was advised in other threads with similar symptoms here, but didn't have any luck! From my perspective those timeouts are not related to the TCP Session Timeout (which is set in my case to 10800s, which is 3 hours), and IPS is completely disabled on the corresponding rule.
Any other ideas from the community on how to solve this?