NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] FTP problem



Peter,

Disable(uncheck) the PASV option. Test. You'll most
likely find that many more sites work fine now. The PASV
option seems to have been reversed.

Now some of the sites may still not work. You'll have
to make another change. 

1. Stop fw-1 (fwstop)
2. Edit the $FWDIR/lib/base.def
3. Comment out the following line:
      #define FTP_ENFORCE_NL
   to:
      //#define FTP_ENFORCE_NL
4. Start fw-1 (fwstart)
5. Install the policy again

If you want more info on this, do a search of 'pasv'
on www.securepoint.com/fw1.

Robert


- -
Robert P. MacDonald, Network Engineer
e-Business Infrastructure
G o r d o n   F o o d    S e r v i c e
Voice:email: [email protected]

>>> "Peter Schwalger" <[email protected]> 9/3/00 10:14:19 PM >>>
>
>Set up is Mgmt Module 4.0 SP7 and a firewall 3.0b SP9 both on NT4.0 SP5.
>
>I have users complaining that ftp is not working.
>
>When I looked in the firewall logs I could see the client connect to the ftp
>server on the control port. I noticed however that the ftp-data back
>connection from the server to the client was being dropped by my last rule
>(clean-up rule).
>
>The global properties under services has both Enable FTP PORT Data
>Connections and also
>Enable FTP PASV Data Connections have both been checked so I would have
>thought I would not need to set up an explicit rule.
>
>Can anyone please enlighten me, do I need to explicitly define a rule, if so
>what does the pseudo rule do?
>
>If anyone can also define what ~ local client means in the implied pseudo
>rules I would also be grateful.
>
>Thanks in anticipation....Peter.




================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents � 2003 Network Presence, LLC. All rights reserved.