Filezilla Cannot Connect to Server

I have been trying to figure this one out.

I have a Host Definition for the FTP Server IP Address.

I have firewall rules set up to allow traffic from all of my networks across any service to the FTP definition.

The firewall keeps dropping and records random numbers on srcport. The entries are correctly identifying my IP, the IP I am connecting to, and dstport: 21. Why is it using a random port number for the source port?

 



  • Because only the destination port is 21 for ftp or 80 for http.

    The client port is nearly every time one of the >1024 ports.

    Or am I understanding anything in your question totally wrong?

    Regards,

    Kevin
    Sophos CE/CA (XG+UTM), Gold Partner

  • I think I understand: the source port is irrelevant? I have a Firewall rule set up to allow the destination IP over the destination Port, but it is still dropping. The only thing I could see that wasn't covered in the rule was the source (client) port. I am just trying to figure out why, within the last week, this has stopped working.

  • In which 'mode' is your ftp server working, 'active' or 'passive'?

    Your FW rule is 'internal Network' using service 'any' destination IP of the FTP Server?

    Regards,

    Kevin
    Sophos CE/CA (XG+UTM), Gold Partner

  • We have tried in both passive and active modes. Firewall Rules I have tried:

     

    Internal Network - FTP: 21, 20 - FTP Server

    Any IPv4 - FTP: 21, 20 - FTP Server

    Any IPv4 - Any Service/port - FTP Server

     

  • Here is a bit more info, the first is the results of a search from the live log and the second is a line from the actual firewall log:

    NOTE: I have removed or 'X'd out any identifiable info.

    LIVE SEARCH RESULTS:

    12:40:46 Default DROP TCP
    192.168.XX.XX : 39326

    72.4.XX.XX : 21

    [SYN] len=52 ttl=127 tos=0x00 srcmac=00:1c:c0:de:5a:07 dstmac=00:1a:8c:59:2a:98

     

    FIREWALL LOG ENTRY

    2017:03:17-12:40:46 cschadwick ulogd[17716]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop"
    fwrule="60002" initf="eth0" outitf="eth1" srcmac="00:::::07" dstmac="00:::::98" srcip="192.168.XX.XX" dstip="72.4.XX.XX" proto="6"
    length="52" tos="0x00" prec="0x00" ttl="127" srcport="39326" dstport="21" tcpflags="SYN"

  • fwrule="60002" means a drop out of the FORWARD chain.  That can indicate a violation of #3 in Rulz.  If that doesn't help, please show a picture of the Edit of the rule you believe should enable this traffic.  Also, have you enabled the FTP Tracking Helper on the 'Advanced' tab of 'Firewall'?

    You posted this in Networking, not Web Protection.  For FileZilla, I prefer to configure the FTP Proxy in 'Operation mode: Both' and enable SOCKS5 on 'Network Protection >> Advanced'.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
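
The log reading discussed in the replies above, as an added Python example that is not part of any poster's message: it parses the packetfilter entry quoted in the thread and reports why the packet was dropped. The function names are hypothetical, the sample entry is the redacted line from the thread, and the only fwrule meaning used is the one stated in the reply above (60002 is a drop out of the FORWARD chain).

```python
import re

# key="value" pairs as they appear in the packetfilter entry quoted in the thread
PAIR_RE = re.compile(r'(\w+)="([^"]*)"')

# Meaning taken from the reply above: a drop out of the FORWARD chain.
DEFAULT_FORWARD_DROP = "60002"

# Sample input: the redacted entry from the thread, wrapped over three lines as posted.
SAMPLE = '''2017:03:17-12:40:46 cschadwick ulogd[17716]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop"
fwrule="60002" initf="eth0" outitf="eth1" srcmac="00:::::07" dstmac="00:::::98" srcip="192.168.XX.XX" dstip="72.4.XX.XX" proto="6"
length="52" tos="0x00" prec="0x00" ttl="127" srcport="39326" dstport="21" tcpflags="SYN"'''


def parse_packetfilter(entry):
    """Return the key="value" fields of one (possibly line-wrapped) log entry."""
    return dict(PAIR_RE.findall(" ".join(entry.split())))


def triage(entry):
    """Explain a dropped packet in the terms used in this thread."""
    f = parse_packetfilter(entry)
    notes = []
    if f.get("action") != "drop":
        return notes
    if f.get("fwrule") == DEFAULT_FORWARD_DROP:
        # The packet was being routed initf -> outitf and no allow rule matched it.
        notes.append(f"default FORWARD drop {f.get('initf')}->{f.get('outitf')}: no allow rule matched")
    else:
        notes.append(f"dropped by rule {f.get('fwrule')}")
    sport, dport = int(f.get("srcport", 0)), int(f.get("dstport", 0))
    if f.get("proto") == "6" and f.get("tcpflags") == "SYN":
        notes.append(f"new TCP connection to port {dport}")
        # Threshold from the first reply: client ports are nearly always >1024.
        if sport > 1024:
            notes.append(f"srcport {sport} is a client-side ephemeral port, not a rule mismatch")
    return notes


if __name__ == "__main__":
    for note in triage(SAMPLE):
        print(note)
```
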
  • I do not use SOCKS5 Proxy or the FTP Proxy. I have both turned off at the moment. The FTP connection was working fine a week or two ago. I am just not sure what would have changed. I am thinking something in the latest SOPHOS update or a Filezilla update. I will take another look today and post back any findings.

  • Here is a screenshot of the rule I have set up. I have tried this with more focus on the Service (FTP, File Transfer, etc.) but always end up with the same result: Cannot Connect to Server.

  • So, do you confirm that "GoDataFeed" is bound to 'Interface: <<Any>>' and not a specific interface?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Yes, the definition for GoDataFeed is bound to interface:<<Any>>. I double-checked a few of my definitions yesterday to be sure I was not limiting them by binding to an interface.

     

    Brad
