Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW-1] ftp problem on NG FP2 with CVP

To: [email protected]
Subject: [FW-1] ftp problem on NG FP2 with CVP
From: Peter Matej <[email protected]>
Date: Mon, 17 Jun 2002 10:31:31 +0200
Organization: INTAS s.r.o.
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

Hi FW-1 Wizards !

We try to configure Trend Micro to works like VirusWall for  ftp, http and
smtp protocol -say Security
server (Solaris 8, SPARC, last patches for OS and TREND applied). Security
server is in DMZ
and have to communicate with FW1 (Solaris 8, SPARC, last patches....) via
CVP.
Both FW and Security server are in cluster (StoneSoft, last patches).

The problem is , that ftp is in 90% dropped after some ammount of delivered
data!

The client see that the connection to FTP server is OK (DIR, HASH ...work
fine)
after putting command GET, file start to be received, but after some ammount
of data
(not the same ammount) is receiving frozen. But an about one of 10 attempts
is SUCCESFULL !

In FW log we can see:
1. .....ftp allowed rule ...
2. ... file scanned succesfull, Content Security Server ..."No virus found"
result ...
(in this time is transmision on client side frozed)
3. reason tried to open port < 1024, port "x" protocol tcp
where x is "random" port  - 2, 94, 113 etc ...

I can't to put these "random" ports from from defined services to other as
mentioned in
one remark of additional documentation of NG.
It's seems me, like bug in CVP implementation, becose scanning is done,
(see the log entry), but the rest of file is not forwarded via FW1 Secure
FTP server.

But may be I'm just doing some stupid mistake.

Has somebody any comments, solutions, help, hints ...?

Thank's in advance !

--
Peter Matej,  CCNA
Network & Security projects

INTAS s.r.o.                        tel.:  ++421 55 6335012
Stromova 10                        fax:   ++421 55 6335013
040 01 Kosice                     [email protected]
Slovak Republic


---
Odchádzajúca správa neobsahuje vírusy.
Outgoing message is without viruses.
Skontrolované antivírusovým systémom AVG (http://www.grisoft.cz).
Verzia: 6.0.370 / Vírusová databáza: 205 - dátum vydania: 5. 6. 2002

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

Prev by Date: Re: [FW-1] Anyone tried 4.1 SP6 yet?
Next by Date: [FW-1] Contivity VPN behind FW-1
Previous by thread: [FW-1] AW: [FW-1] web server on secure lan
Next by thread: [FW-1] Contivity VPN behind FW-1
Index(es):
- Date
- Thread