
[FW1] ftp problem using win client and CVP



All,

I have gone through the fw archives and Phoneboy's site but have not seen anything that I thought applied directly to this scenario...  Hopefully someone can shed some light on this for me.

a)  I can successfully ftp (command line) to a site (i.e. ftp.symantec.com) going through my CVP.  (there are fw log entries)
b)  I can successfully ftp (command line) to a site (i.e. ftp.symantec.com) NOT going through my CVP.  (there are fw log entries)

c)  I can NOT do the same ftp via a client such as wsftp32 or ws_ftppro going through my CVP.  (there is nothing in fw log)
d)  I CAN do the same ftp via a client such as wsftp32 or ws_ftppro if I do NOT go through the CVP.  (there is a fw log entry)

I do not understand why in case c I do not see anything in my firewall logs?  I log everything.  It makes it seem like it never gets to the firewall...

Is this a fw config issue, an ftp client issue, or a CVP issue?

Here is my current configuration:

Solaris 2.6 and FW 4.1sp2

rules:
source        destination   service       comment
my-IP         any           ftp->acvpre   rule used in a above
my-IP         any           ftp           rule used in b and d above; I created this rule as a test for troubleshooting

rule 0:
have enabled FTP PORT data connections
have enabled FTP PASV data connections

config files:
$FWDIR/conf/fwopsec.conf contains:
...
server        127.0.0.1         18181            auth_opsec
server        127.0.0.1         18182            auth_opsec
...


/opt/CPfw1-41/lib/base.def contains for ftp:
...
// #define FTPPORT(match)       (call KFUNC_FTPPORT <(match)>)
#define FTP_ENFORCE_NL
...

Thanks in advance for any help you may provide.  Please let me know if there is other info that would be helpful in resolving this.

Tracy A. Maxi
Firewall Administrator


