
Accessing Clients FTP Site From Local Subnet

I'm a bit unsure how to go about creating this firewall rule. In order for staff to grab files from a client's FTP site, their FTP server needs to recognize us. On the previous Juniper firewall these were the entries:


I have the client's IP address, destination-port = 1025-1055, protocol ftp. I have set it up like this but can't seem to establish the FTP connection through FileZilla.

FlexFTP is a Host object set up with the client's IP. Not sure how to set this outside FTP access up.

  • Hi,

    that rule will allow the external site access to your LAN.

    I think you are wanting your internal users to access the FTP site? Unless there is a specific reason to add the FTP server that is different from general internet access, then you will not need an FTP rule.

    Ian

  • Honestly I was just trying to interpret the Juniper configuration from the previous firewall. You are 100% correct: we are accessing the client's FTP site, and I have had zero luck trying to get LAN to WAN to work at all on this device, so I was trying anything. Even on the initial setup on Saturday I had all my LAN to WAN and WAN to LAN rules completely separate for traffic going in and out, and I ended up deleting all my User/Network rules and simply checked Reflexive rule in the business rules to get everything to work.

    I tried reversing everything first, with the same result: no authentication. Baffled why I'm struggling with these rules.

  • Hi,

    A simple rule to get you going.

    Source any, network any, destination any, network any, services any, nat, masq, use primary gateway.

    You can add IPS LAN to WAN, web policy allow all, application policy allow all.

    From there you can refine with additional rules.

    Remember the rules are applied top down, not by id number.

    Ian

  • Thanks, yeah I'm having no luck. Is there a way to see a detailed view of the log from previous attempts in Sophos to see where it's possibly going wrong?

    On the FileZilla end I will get:

    Status: Connection established, waiting for welcome message...
    Response: 220 FTP Server ready.
    Command: AUTH TLS
    Response: 234 AUTH TLS successful
    Status: Initializing TLS...
    Error: Connection timed out after 20 seconds of inactivity
    Error: Could not connect to server

    On my firewall, this is the only log I can seem to find, as I'm not too familiar with the details of logs.

    Firewall | 2017-11-30 08:17:52 | Invalid Traffic | Denied | 0 | Port1 | 192.168.0.150 | x.x.x.x | 0 | 01001 | Could not associate packet to any connection

    The x.x.x.x is just me manually masking their IP address, but I'm thinking the log should say my WAN's IP and not my PC.

    And this log entry:

    Firewall | 2017-11-30 08:16:01 | Firewall Rule | Allowed | 2 | Port1 | 192.168.0.150 | x.x.x.x | 1 | 00001 | Open PCAP

    So I am a bit confused. Firstly, Rule 0: I'm confused what this is. And about firewall Rule 2: it is my default LAN -> WAN, not the rule I created for this outgoing traffic, which happens to be Rule 5. Rule 5 is located above the default LAN -> WAN rule.
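As an added example that is not part of this thread, the script below correlates the two things posted above: the FileZilla session log (AUTH TLS accepted, then a timeout during "Initializing TLS") and the firewall log-viewer entries (an "Invalid Traffic" deny with rule ID 0 for the same client). Both inputs are constructed from the entries in the post, and the column order assumed for the firewall records is an assumption made for this example, not Sophos' documented log layout.

```python
"""Correlate a FileZilla FTPS session log with firewall log-viewer records to
flag the pattern seen in the thread: AUTH TLS is accepted, the TLS handshake
then times out, and the firewall denies 'Invalid Traffic' (rule ID 0)."""
import re

# Constructed from the FileZilla output quoted in the thread.
FILEZILLA_LOG = """\
Status: Connection established, waiting for welcome message...
Response: 220 FTP Server ready.
Command: AUTH TLS
Response: 234 AUTH TLS successful
Status: Initializing TLS...
Error: Connection timed out after 20 seconds of inactivity
Error: Could not connect to server
"""

# Constructed from the two log-viewer entries in the thread. The column order
# (component, time, log type, status, rule id, in interface, src, dst, message)
# is an assumption for this example, not the firewall's documented layout.
FIREWALL_LOG = [
    ("Firewall", "2017-11-30 08:16:01", "Firewall Rule", "Allowed", "2", "Port1",
     "192.168.0.150", "x.x.x.x", "Open PCAP"),
    ("Firewall", "2017-11-30 08:17:52", "Invalid Traffic", "Denied", "0", "Port1",
     "192.168.0.150", "x.x.x.x", "Could not associate packet to any connection"),
]

def tls_handshake_stalled(client_log: str) -> bool:
    """True when the server accepted AUTH TLS (234) but the client never got
    past 'Initializing TLS' before timing out."""
    lines = client_log.splitlines()
    accepted = any(re.match(r"Response: 234\b", line) for line in lines)
    initializing = any(line.startswith("Status: Initializing TLS") for line in lines)
    timed_out = any(line.startswith("Error: Connection timed out") for line in lines)
    return accepted and initializing and timed_out

def untracked_denies(records, src: str) -> list:
    """Invalid-traffic denies from the client host that matched no rule
    (rule ID 0): packets the firewall could not tie to a tracked session."""
    return [r for r in records
            if r[2] == "Invalid Traffic" and r[3] == "Denied"
            and r[4] == "0" and r[6] == src]

def diagnose(client_log: str, records, src: str) -> str:
    """Name the pattern when both symptoms are present for the same client."""
    if tls_handshake_stalled(client_log) and untracked_denies(records, src):
        return "ftps-tls-stalled-with-untracked-packets"
    return "no-match"

if __name__ == "__main__":
    print(diagnose(FILEZILLA_LOG, FIREWALL_LOG, "192.168.0.150"))
```

Run it against your own FileZilla log and the log-viewer rows for your PC's address to confirm whether the deny entries line up with the TLS stall rather than with the earlier allowed rule.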
