|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] FTP Problems
http://www.phoneboy.com/faq/0106.html could well be it for you and Mark. FW1 by default thinks a certain range of ports are services and by default blocks them. FTPing ton's of files will cause the ftp client to try to use these ports after a while and you session will be dropped. (evey file transfer requires a new port or two) You do not need to open up the high ports on non-passive as the session has already been initialised via port 21. -----Original Message----- From: [email protected] [mailto:[email protected]] Sent: Thursday, 14 June 2001 8:10 AM To: [email protected]; [email protected]; [email protected] Subject: RE: [FW1] FTP Problems I have a question on this, for a problem that recently surfaced. Inside our firewall, we are doing FTP's to a server out in the internet (outside of the firewall). For the FTP's, I am not doing anything with the firewall. In fact, one of the first rules in the firewall is to allow all outbound traffic. In trying to debug a FTP problem, we have noticed that SNIFFER traces for the FTP data, especially on the control port, do not match when tracing inside and outside the firewall. To be specific KEEPALIVE's sent from inside don't appear outside, and we have a RESET inside that doesn't appear outside. Does this appear to be a passive issue? -----Original Message----- From: [email protected] [mailto:[email protected]]On Behalf Of Mike Yates Sent: Wednesday, June 13, 2001 5:42 AM To: Salter Mark; Fw-1-Mailinglist (E-mail) Subject: RE: [FW1] FTP Problems Try enabling passive mode ftp through your firewall (policy -->properties-->services) then allowing that in your rule (source - destignation - ftp-pasv). If you are using non passive (server determined) ftp you need to open up the high tcp ports. -----Original Message----- From: [email protected] [mailto:[email protected]]On Behalf Of Salter Mark Sent: June 12, 2001 4:09 AM To: Fw-1-Mailinglist (E-mail) Subject: [FW1] FTP Problems Hi Guys I am having a problem with ftping from behind a NT checkpoint fw1 through a nokia fw1. I am creating a lot of connection very quickly and all the sessions keep disconnecting, I have herd there is a patch or file mod for this does any one have any ideas of why this is happening. Cheers Mark Salter Secutiry Advisor Lynx Technology Limited Email: [email protected] Web: http://www.lynxtec.com/ <http://www.lynxtec.com/> DISCLAIMER This message is intended only for the use of the person(s) ("Intended Recipient") to whom it is addressed. It may contain information, which is privileged and confidential. Accordingly any dissemination, distribution, copying or other use of this message or any of its content by any person other than the Intended Recipient may constitute a breach of civil or criminal law and is strictly prohibited. If you are not the Intended Recipient, lease contact the sender as soon as possible. ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== *************************************************** This e-mail is not an official statement of the Waikato Regional Council unless otherwise stated. Visit our website http://www.ew.govt.nz *************************************************** ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
