I'm facing a strange issue. It happens that when I download a file from an FTP server, it always stops at 4.5% (it happens also with other files, at different percentages). The strangeness is that I have two networks (internal and guest) and this issue happens only when I download from internal network.
For investigate into this issue I tried to disable webfiltering, so there are only rules that allow ftp traffic to internet (for both internal and guest networks). But the issue still occurs.
I tried to disable also IPS, but nothing...
This is the firewall log:
19:16:09 Default DROP TCP IP_REMOTE_FTP:21 IP_MY_WAN2:59476 [ACK PSH] len=77 ttl=48 tos=0x08 srcmac=0:50:7f:76:7d:a0 dstmac=0:1a:8c:32:27:3
19:16:09 Default DROP TCP IP_REMOTE_FTP:21 IP_MY_WAN2:59476 [ACK FIN] len=40 ttl=48 tos=0x08 srcmac=0:50:7f:76:7d:a0 dstmac=0:1a:8c:32:27:3
19:16:09 Default DROP TCP IP_REMOTE_FTP:21 IP_MY_WAN2:59476 [ACK PSH] len=77 ttl=48 tos=0x08 srcmac=0:50:7f:76:7d:a0 dstmac=0:1a:8c:32:27:3
19:16:10 Default DROP TCP IP_REMOTE_FTP:21 IP_MY_WAN2:59476 [ACK PSH] len=77 ttl=48 tos=0x08 srcmac=0:50:7f:76:7d:a0 dstmac=0:1a:8c:32:27:3
19:16:10 Default DROP TCP IP_REMOTE_FTP:49492 IP_MY_WAN2:59106 [ACK PSH] len=54 ttl=48 tos=0x08 srcmac=0:50:7f:76:7d:a0 dstmac=0:1a:8c:32:27:3
19:16:16 Default DROP TCP IP_REMOTE_FTP:21 IP_MY_WAN2:59476 [ACK PSH] len=77 ttl=48 tos=0x08 srcmac=0:50:7f:76:7d:a0 dstmac=0:1a:8c:32:27:3
19:16:16 Default DROP TCP IP_REMOTE_FTP:33096 IP_MY_WAN2:59537 [ACK] len=1442 ttl=48 tos=0x08 srcmac=0:50:7f:76:7d:a0 dstmac=0:1a:8c:32:27:3
19:16:42 Default DROP TCP IP_MY_LAPTOP:59530 IP_REMOTE_FTP:33095 [ACK RST] len=40 ttl=127 tos=0x00 srcmac=f0[:D]e:f1:ce:b3:8e dstmac=0:1a:8c:32:27:0
as you can see there are a lot of packets dropped from remote FTP to my WAN2 address, at the end I have a dropped packet from internal ip of my laptop to ftp server.
The error I got in FTP client is Connection timeout.
When I connecto to FTP server using guest interface, I got no dropped packets at all...
Does anyone knows a reason for this issue?
Thanks
eclipse79
EDIT: It must be something dealing with multipath rule/uplink balancing. I have two WANs, WAN1 for our web servers (dmz interface) and WAN2 for internal and guest networks. Trying to disable WAN2, all traffic passes through WAN1 and I got no issue at all also in internal network. I am sure that both networks uses WAN2 for FTP+HTTP traffic (I also checked it in remote ftp logs). So, using WAN1 both internal and guest networks work fine, enabling WAN2 (the traffic will be redirected using multipath rules) only guest network can work without issue. How it's possible what happens? [:(]
This thread was automatically locked due to age.