Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 8 replies
  • Subscribers 1 subscriber
  • Views 729 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Using FTP behind Astaor Proxy

a7medem
Hi Astaro Users

I'm using ASG 425 as web proxy only
I create a Packet Filter from any to any service any
I disabled the IPS

when I trying to accessing to ftp via web i can access
but via ftp client I can't I configure the ftp client with proxy ip
address but also doesn't work

I'm using filezilla

Regards


This thread was automatically locked due to age.
Parents Reply
  • 0 in reply to BAlfson
    Sorry, I just reread your post and realized that you can access ftp with your browser.  If you are using the FTP Proxy in transparent mode, you don't need to change the configuration of your FTP client.  Just use the standard ports (20 & 21).

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • 0 in reply to BAlfson
    thanks for your help

    but it's not working
  • 0 in reply to a7medem
    Well, just for fun, I downloaded and installed filezilla3.2.0 - I put "download.astaro.com" in 'Host', left 'User' and 'Password' blank, put "21" in port, clicked on 'Quickconnect' then downloaded a file.  That works with the FTP Proxy enabled and with it disabled.  Do you have a packet filter rule 'Internal(Network):{port 21 service}->Any:Allow' and have you enabled 'Connection tracking' on the 'Advanced' tab?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    Hi

    I use it only as a web proxy 

    here is my scenario 

    the firewall is Cisco ASA 
    the proxy is ASG425

    there is access list in the ASA any traffic from the VLANs to the internet using ports (20,21,80 and 443) deny 
    it has to be throw ASG all users have to use ASG as a proxy server
    other traffic from VLANS like SMTP , Pop3 and RDP is permitted from the ASA to outside no need to pass throw ASG.
    now the users can accessing to the internet using ASG also FTP from the IE and Firefox is working 
    but from FTP client like filezilla or SmartFTP or any FTP Client it's not working
  • 0 in reply to a7medem
    Yes, thanks, your scenario was clear in your original post.  Do you have the box checked for 'FTP' on the 'Advanced' tab of 'Network Security >> Packet filter'?
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    Thanks for your help 

    I don't now but I didn't change any thing from the tab I leave it as default
  • 0 in reply to a7medem
    From the manual:
    Select the connection tracking helper modules that should be loaded. They enable multiport protocols to work with the packet filter or NAT rules.
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA