[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] FTP Problems
I have a question on this, for a problem that recently surfaced. Inside our firewall, we are doing FTP's to a server out in the internet (outside of the firewall). For the FTP's, I am not doing anything with the firewall. In fact, one of the first rules in the firewall is to allow all outbound traffic. In trying to debug a FTP problem, we have noticed that SNIFFER traces for the FTP data, especially on the control port, do not match when tracing inside and outside the firewall. To be specific KEEPALIVE's sent from inside don't appear outside, and we have a RESET inside that doesn't appear outside. Does this appear to be a passive issue? -----Original Message----- From: [email protected] [mailto:[email protected]]On Behalf Of Mike Yates Sent: Wednesday, June 13, 2001 5:42 AM To: Salter Mark; Fw-1-Mailinglist (E-mail) Subject: RE: [FW1] FTP Problems Try enabling passive mode ftp through your firewall (policy -->properties-->services) then allowing that in your rule (source - destignation - ftp-pasv). If you are using non passive (server determined) ftp you need to open up the high tcp ports. -----Original Message----- From: [email protected] [mailto:[email protected]]On Behalf Of Salter Mark Sent: June 12, 2001 4:09 AM To: Fw-1-Mailinglist (E-mail) Subject: [FW1] FTP Problems Hi Guys I am having a problem with ftping from behind a NT checkpoint fw1 through a nokia fw1. I am creating a lot of connection very quickly and all the sessions keep disconnecting, I have herd there is a patch or file mod for this does any one have any ideas of why this is happening. Cheers Mark Salter Secutiry Advisor Lynx Technology Limited Email: [email protected] Web: http://www.lynxtec.com/ <http://www.lynxtec.com/> DISCLAIMER This message is intended only for the use of the person(s) ("Intended Recipient") to whom it is addressed. It may contain information, which is privileged and confidential. Accordingly any dissemination, distribution, copying or other use of this message or any of its content by any person other than the Intended Recipient may constitute a breach of civil or criminal law and is strictly prohibited. If you are not the Intended Recipient, lease contact the sender as soon as possible. ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|