This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

[9.103-5]Need hints on ftp incoming

Hi folks,
I have a production UTM which has a server on one side running IIS ftp.
The good part is windows ftp connects and allows file transfers.

The sad part is neither filezilla or winscp can maintain a connection because they fail to get the file structure.

I am using a dnat with auto rules. ftp helpers are enabled. I can see some dropped rst packets, there is nothing in the log showing any useful information.

Any hints as to what other ports need to be opened for filezilla and winscp would be very helpful.

Thank you

Ian M

helpful.

This thread was automatically locked due to age.

Parents

0 GuyFawkes over 12 years ago
Yes, the behavior is the same as we have.

So, in the conntrackt table there are some corresponding and right entries.
The connection estamblished and then:
[DESTROY] tcp 6 src=*WAN-FTP Client* dst=*WAN-Port* sport=58038 dport=21 packets=11 bytes=527 src=*FTP-Server* dst=*WAN-FTP Client* sport=21 dport=58038 packets=18 bytes=1068 [ASSURED] mark=17301666

I'm waiting for a response from sophos, they have actually all logs.
presumption: Faulty behavior of FTP module

Nice greetings
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 GuyFawkes over 12 years ago
Yes, the behavior is the same as we have.

So, in the conntrackt table there are some corresponding and right entries.
The connection estamblished and then:
[DESTROY] tcp 6 src=*WAN-FTP Client* dst=*WAN-Port* sport=58038 dport=21 packets=11 bytes=527 src=*FTP-Server* dst=*WAN-FTP Client* sport=21 dport=58038 packets=18 bytes=1068 [ASSURED] mark=17301666

I'm waiting for a response from sophos, they have actually all logs.
presumption: Faulty behavior of FTP module

Nice greetings
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data