Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 3 subscribers
  • Views 6511 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

FTPS though UTM 9.3

utmliker

Hi there

I'm already reading some time here, but now I have a question for you. :-)

Just working on solving a long time issue regarding accessing FTP over TLS/SSL through UTM 9.3. I couldn't find a detailed documented solution here or anywhere. I think that I found a solution, but would like to ask you experts if I'm going the right way.

Use case:
File transfer (with Mac application 'Transmit' and) using FTP over TLS/SSL through UTM 9.3.

Issue:
UTM 9.3 did not allow the connection. FTP worked based on a already installed File Transfer firewall rule, but TLS didn't work.

Planned and tested solution:
I've added a firewall rule to allow file transfer and FTPS, while I would double check this solution with you experts (I'm not very experienced myself).

SOURCE: Internal (Network)

SERVICES:

File Transfer

FTP (UTM Default Service: TCP Destination port 21, Source port 1:65535)
TFTP (UTM Default Service: UDP, Destination port 69, Source port 1:65535)

FTPS (Self-defined service: TCP, Destination port 1024:65535, Source port: 1024:65535)

DESTINATION: Any

FTP Proxy is disabled.

Question:
Is this the right way to solve my FTPS / sFTP issue?

Sincerely
lucifer



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to BAlfson

    Hi Bob and thanks for your welcome. :-)

    The described configuration did work. Im wondering, if this configuration makes sense or if I should go an other way (do not have a lot of firewall experiences). I assume, that thousands of Sophos UTM users are also using FTPS and not only FTP, which already runs by allowing the default rule set 'File Transfer'. I couldn't find the answer to my question by searching the forum, (which was surprising me).

    So my main question is, if the yellow marked rule is what I should set to allow FTPS.

    Would you or anybody else double check this?

    Sincerely
    lucifer