NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Ftp on non-standard port...



The correct method to accomplish this is to create an object for the remote
ftp server, create an object for the new ftp service with it's corresponding
port.  After you've done this you will configure the following in the
address translation tab:

     Source Packet                     Translated Packet
Source     Destination 	 Service	Source	 Destination    Service
Any	     Remote-ftp	  ftp	      =original    =original	    =new
ftp(port-3120)(s)
Remote-ftp 		Any     new-ftp    =original   =original       =ftp(port-21)(s)

Essentially you can lock it down further by specifying who you want as
source but the overall goal is to connect to a non-standard ftp port which
you accomplish by doing port translation via address translation tab.

Juan Concepcion
Network Engineer/Security Consultant
CCSA/CCSE
E-Mail: [email protected]


-----Original Message-----
From: [email protected]
[mailto:[email protected]]On Behalf Of Mike
Glassman - Admin
Sent: Tuesday, June 19, 2001 10:46 AM
To: 'fw-1 listserv'
Subject: RE: [FW1] Ftp on non-standard port...



I recall I think that there is something about this on the phoneboy web
site.

Have you checked there ?

Mike

> -----Original Message-----
> From:	Cihan Subasi (Garanti Teknoloji) [SMTP:[email protected]]
> Sent:	á éåðé 18 2001 16:00
> To:	'Matthias Leu'; Cihan Subasi (Garanti Teknoloji)
> Cc:	Fw-1-Mailinglist (E-mail)
> Subject:	RE: [FW1] Ftp on non-standard port...
>
> Thanks Matthias but that did not work, still I am having "invalid PORT
> command" error message when I do "dir"
>
> 	-----Original Message-----
> 	From: Matthias Leu [mailto:[email protected]]
> 	Sent: Friday, June 15, 2001 7:24 PM
> 	To: Cihan Subasi (Garanti Teknoloji)
> 	Cc: Fw-1-Mailinglist (E-mail)
> 	Subject: Re: [FW1] Ftp on non-standard port...
>
>
> 	Hi,
> 	first you have to define the service as a new TCP-service to port
> 3120. Then select in the Field Protocol Type FTP in the deklaration of
> this service. Making a rule accepting this new service should give you
> access to FTP on port 3120 with data or passive connection.
> 	Hope it helps,
> 	best regards
> 	Matthias
>
>
> 	"Cihan Subasi (Garanti Teknoloji)" wrote:
>
>
>
>
> 		        Hi,
>
> 		        How Can I access to a ftp server running on a non-
> standard port (3120)? Seems like I can do authentication but not data
> transfer...Thanks...
>
> 		*******************************************************
> 		Cihan Subasi
> 		Garanti Technology
> 		Internet Services Manager
> 		Work :  (90)> 		GSM :   (90)> 		<http://www.garantitechnology.com>
> 		<mailto:[email protected]>
> 		*******************************************************
>


============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.