[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] FTP Security Server caching IP address
Do you have an object defined for the destination server? ** Nope. The rule is FTPUsers@InternalNetwork -- Any -- FTP>FullAccess -- UserAuth Do you have a local hosts entry on firewall for destination FTP server? ** Nope Paul Mills Check Point Certified (CCSA, CCSE) Information Security Analyst //AMERICREDIT CORPORATION -----Original Message----- From: Xena Warrior [mailto:[email protected]] Sent: Wednesday, January 01, 2003 6:56 AM To: [email protected] Subject: Re: [FW-1] FTP Security Server caching IP address ??? Very odd. Do you have an object defined for the destination server? Do you have a local hosts entry on firewall for destination FTP server? www --- "Mills, Paul" <[email protected]> wrote: > Sorry I didn't include: > > Check Point v4.1 SP5 on Nokia IPSO 3.4.1 FCS-5 > > We are working on a migration plan to FP3 but we're > not there yet... > > Paul Mills > > > -----Original Message----- > From: jimbo [mailto:[email protected]] > Sent: Friday, December 20, 2002 12:59 PM > To: [email protected] > Subject: Re: [FW-1] FTP Security Server caching IP > address > > > interesting, what v of cp are you using? > > > -----Original Message----- > Subject: [FW-1] FTP Security Server caching IP > address > > > I am trying to FTP to a server on a DSL line. The > host is using No-IP to > keep a DNS name current with the server's IP address > but the FTP Security > Server is having problems with it. Below is the log > of a connection: (names > have been changed) > > Finding Host x.y.z ... > Connecting to 65.0.81.119:21 > Connected to 65.0.81.119:21 in 0.015, Waiting for > Server Response > 220 aftpd:Check Point FireWall-1 Secure FTP server > running on bandon > Host type (1): Automatic detect > USER sname@[email protected] > 331 aftpd: RADIUS password: you can use > password@RADIUS-password > PASS (hidden) > 413-aftpd:User fwname authenticated by RADIUS > authentication > 413 aftpd:Connection to 65.0.82.135 failed > > Now the strange part is that this worked once, the > first time I did it, but > now the 65.0.82.135 address seems to be cached > somehow because even though > the internal DNS servers properly resolve the > current IP (65.0.81.119) the > FTP Security Server still tries to contact the old > IP. I've looked on > Phoneboy but didn't find anything. I think this > could be stopping us from > hitting other FTP servers as well. > > Anyone seen this before? > Thanks, > > Paul Mills ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|