This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Uplink Balancing => FTP passive mode fail

Hi there,

since the change from two single WAN internet connections to uplink balancing we have problems to connect to our FTP server in passive mode.

Old setup:

2 WAN Connections
2 Firewall rules: Any => ftp & ftp passive => ftp server
2 DNAT entries:
Traffic selector: Any → FTP → External internet (Address)
Destination translation: ftp server → FTP

Worked like a charm [:D]

Our new setup:
Firewall rules and DNAT entries weren´t changed.
We combined the two internet connections with uplink balancing. We can reach the ftp server in active mode, but as soon as we set the "PASV" command, our connection breaks. Seems like the ftp server can´t reach the external internet connect through upload balancing.

Does somebody know the reason / fix?

Thanks in advance [:)]

This thread was automatically locked due to age.

0 BAlfson over 10 years ago

Hi, swdev, and welcome to the User BB!

Do you have the FTP Connection Tracking Helper selected on the 'Advanced' tab of 'Firewall'? (good) Do you have a Multipath rule for FTP traffic that alters the default 'Persistence by source'? (probably bad)

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel
0 swdev over 10 years ago

Hi Bob,

thanks for your reply.
The FTP Connection Tracking Helper was already enabled and the multipath rules were already tested.

But after your hint with the FTP Connection Tracking Helper => I´ve disabled this features and it works flawlessly. Do you have an explanation for this behavior?
Cancel
Vote Up 0 Vote Down

Cancel
0 BAlfson over 10 years ago

I wonder if this isn't a bug that just appeared and that you are the first to discover it. If this is not a home-use license, please open a ticket with Sophos Support.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel