use application control to Block Ftp upload fail

Hi,

Can you share some pictures of the configured application policy for blocking FTP? Also, make sure that the FTP traffic flows through the same fw-rule within which the configured application policy is defined. You can monitor the traffic using the packet capture utility. Finally, if everything is good then check micro-app discovery option in the application policy.

Any help?

Hi sachingurung,

the ftp traffic is pass through the rule ID4

config is as fig

Hi,

The configurations look good, try to do an FTP upload and check in Log Viewer | Application filter if there is any FTP request blocked. If not, show us the picture of IPS settings, take SSH to XG and go to option 4. Device Console and execute the following command: show

show ips-settings

Thanks

Hi,

The configurations look good, try to do an FTP upload and check in Log Viewer | Application filter if there is any FTP request blocked. If not, show us the picture of IPS settings, take SSH to XG and go to option 4. Device Console and execute the following command: show

show ips-settings

Thanks

Hi,

-------

console> sh ips-settings
-------------IPS Settings-------------
        stream on
        lowmem on
        maxsesbytes 0
        maxpkts 8
        mmap on
        enable_appsignatures on
        http_response_scan_limit  65535


-------------IPS Instances------------
IPS CPU
 1  0

------

the default is maxpkts 8 can not block ftp upload  

and when i try to set ips maxpkts 80  or set ips maxpkts all
I found the first time upload file can be block

but, after a file download finish then block ftp upload will fail.