NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Help configuring FTP PAssive mode



I already have the FTP PASV connection checkbox checked in policy properties. Is this all that I need to do to allow Passive mode ftp through ? What is the FTP PASSIVE server there for ?
-----Original Message-----
From: Tim Holman (home) [mailto:[email protected]]
Sent: Saturday, October 27, 2001 6:15 AM
To: [email protected]
Subject: Re: [FW-1] Help configuring FTP PAssive mode

Before trying to do all this 'manually', try selecting the accept FTP PASV connections tick box in policy properties.
-----Original Message-----
From: Mailing list for discussion of Firewall-1 [mailto:[email protected]]On Behalf Of RBHATIA
Sent: 26 October 2001 23:35
To: [email protected]
Subject: [FW-1] Help configuring FTP PAssive mode

I have FTP active mode enabled on my firewall. Due to port failure errors I need to switch over to FTP PASSIVE transfer mode. I need help configuring FTP Passive mode. I've looked all over the Phoneboy.com site but came across pages concerning the difference between Active and Passive mode but nothing about actually enabling Passive mode ftp.
 
I already have FTP control Port (21) open both coming in and going out of my FTP server. I'm wondering about the data connection port.
 
Do I need to remove the FTP data service (20) that was originally configured for Active FTP transfers ?
 
In the list of services, I see a service called FTP-PASV. Do I have to allow this service both coming into my FTP server and going out of my FTP server ?
i.e. should my rulebase look like this ?
Source        Destination    Service            Action
FTPserver    Any                FTP-Passive    Allow
Any            FTPserver        FTP-PAssive    Allow
 
In Policy - Properties - Services tab - I have the Enable FTP_PORT DAta Connections and Enable FTP_PASV Data connections options already checked.
 
Please advise.
Thanks.
RB


**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.

This footnote also confirms that this email message has been swept by
Dimension Data mail system for the presence of computer viruses.

www.uk.didata.com
**********************************************************************


 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.