[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] FTP problem
Peter, Disable(uncheck) the PASV option. Test. You'll most likely find that many more sites work fine now. The PASV option seems to have been reversed. Now some of the sites may still not work. You'll have to make another change. 1. Stop fw-1 (fwstop) 2. Edit the $FWDIR/lib/base.def 3. Comment out the following line: #define FTP_ENFORCE_NL to: //#define FTP_ENFORCE_NL 4. Start fw-1 (fwstart) 5. Install the policy again If you want more info on this, do a search of 'pasv' on www.securepoint.com/fw1. Robert - - Robert P. MacDonald, Network Engineer e-Business Infrastructure G o r d o n F o o d S e r v i c e Voice:email: [email protected] >>> "Peter Schwalger" <[email protected]> 9/3/00 10:14:19 PM >>> > >Set up is Mgmt Module 4.0 SP7 and a firewall 3.0b SP9 both on NT4.0 SP5. > >I have users complaining that ftp is not working. > >When I looked in the firewall logs I could see the client connect to the ftp >server on the control port. I noticed however that the ftp-data back >connection from the server to the client was being dropped by my last rule >(clean-up rule). > >The global properties under services has both Enable FTP PORT Data >Connections and also >Enable FTP PASV Data Connections have both been checked so I would have >thought I would not need to set up an explicit rule. > >Can anyone please enlighten me, do I need to explicitly define a rule, if so >what does the pseudo rule do? > >If anyone can also define what ~ local client means in the implied pseudo >rules I would also be grateful. > >Thanks in anticipation....Peter. ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|