We had Pitney Bowes come out and install a new mail meter service that uses FTP for communication and transfer, however it is not working. They said we needed to make sure FTP open blah blah blah, which it is so I started digging around.
I found the following issue when communicating with the IP to their site:
2014:09:17-07:49:28 fw1 ulogd[27509]: id="2014" severity="info" sys="SecureNet" sub="packetfilter" name="DNS request" action="DNS request" fwrule="60011" initf="eth0" srcmac="0:10:60:b5:7a:68" dstmac="0:1a:8c:12:ad:80" srcip="redacted" dstip="165.87.13.129" proto="17" length="63" tos="0x00" prec="0x00" ttl="128" srcport="2049" dstport="53"
2014:09:17-07:49:29 fw1 ulogd[27509]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" initf="eth0" outitf="eth1" srcmac="0:10:60:b5:7a:68" dstmac="0:1a:8c:12:ad:80" srcip="redacted" dstip="165.87.13.129" proto="17" length="63" tos="0x00" prec="0x00" ttl="127" srcport="2049" dstport="53"
After looking around it appears this is related to IPS. I have not tested it with IPS off YET, but I will. Has anyone had an issue like this and is the resolution to put in an exception for the host destip, in this case 165.87.13.129?
This thread was automatically locked due to age.
