[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Ftp on non-standard port...
The correct method to accomplish this is to create an object for the remote ftp server, create an object for the new ftp service with it's corresponding port. After you've done this you will configure the following in the address translation tab: Source Packet Translated Packet Source Destination Service Source Destination Service Any Remote-ftp ftp =original =original =new ftp(port-3120)(s) Remote-ftp Any new-ftp =original =original =ftp(port-21)(s) Essentially you can lock it down further by specifying who you want as source but the overall goal is to connect to a non-standard ftp port which you accomplish by doing port translation via address translation tab. Juan Concepcion Network Engineer/Security Consultant CCSA/CCSE E-Mail: [email protected] -----Original Message----- From: [email protected] [mailto:[email protected]]On Behalf Of Mike Glassman - Admin Sent: Tuesday, June 19, 2001 10:46 AM To: 'fw-1 listserv' Subject: RE: [FW1] Ftp on non-standard port... I recall I think that there is something about this on the phoneboy web site. Have you checked there ? Mike > -----Original Message----- > From: Cihan Subasi (Garanti Teknoloji) [SMTP:[email protected]] > Sent: á éåðé 18 2001 16:00 > To: 'Matthias Leu'; Cihan Subasi (Garanti Teknoloji) > Cc: Fw-1-Mailinglist (E-mail) > Subject: RE: [FW1] Ftp on non-standard port... > > Thanks Matthias but that did not work, still I am having "invalid PORT > command" error message when I do "dir" > > -----Original Message----- > From: Matthias Leu [mailto:[email protected]] > Sent: Friday, June 15, 2001 7:24 PM > To: Cihan Subasi (Garanti Teknoloji) > Cc: Fw-1-Mailinglist (E-mail) > Subject: Re: [FW1] Ftp on non-standard port... > > > Hi, > first you have to define the service as a new TCP-service to port > 3120. Then select in the Field Protocol Type FTP in the deklaration of > this service. Making a rule accepting this new service should give you > access to FTP on port 3120 with data or passive connection. > Hope it helps, > best regards > Matthias > > > "Cihan Subasi (Garanti Teknoloji)" wrote: > > > > > Hi, > > How Can I access to a ftp server running on a non- > standard port (3120)? Seems like I can do authentication but not data > transfer...Thanks... > > ******************************************************* > Cihan Subasi > Garanti Technology > Internet Services Manager > Work : (90)> GSM : (90)> <http://www.garantitechnology.com> > <mailto:[email protected]> > ******************************************************* > ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|