NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Ftp from a MAC client



Thank you Bill,

That's what I thought after sending the mail!

I asked my customer to try in passive mode but he didn't try yet.

Thanks for your quick answer!

Regards,

Olivier RAFAEL
Network Manager
Sopra Group
[email protected]

-----Message d'origine-----
De : Mailing list for discussion of Firewall-1
[mailto:[email protected]]De la part de Bill
Husler
Envoyé : lundi 30 juin 2003 17:57
À : [email protected]
Objet : Re: [FW-1] Ftp from a MAC client


The reference to the PORT command may be tellling. FIrewalls in general
have problems with ACTIVE FTP and the use of the PORT command is an
indication that your are in ACTIVE mode. On the Mac, you can simply
enter the command:

passive

to change modes and avoid a wide variety of problems surrounding active
ftp. On windows, it gets a little more tricky as the command line ftp
client on windows does not support passive mode (they never updated
it). You can, however, use IE by setting it to use passive mode as
using it to access the ftp site. You can set it to passive by accessint
the TOOLS menu and selecting Internet options, then Advanced and
scrolling down to "use passive ftp".

We have an outstanding trouble ticket with our support vendor that has
been escalated to Checkpoint regarding active ftp -the closest thing we
have gotten to an answer is that it may be addressed (note they don't
say fixed) in fp4.
Bill

On Monday, June 30, 2003, at 08:31 AM, Rafaël Olivier wrote:

> Hello,
>
> I'm meeting the same error from a Windows client to an Unix server.
> and both are behind 2 natted Firewalls (one is CP NG FP3 and other is
> Netfilter based firewall).
>
> Im'looking for a solution.. but can't find anything on google...
>
> Any Idea/solution ?
>
> Regards,
>
>
> Olivier RAFAEL
> Network Manager
> Sopra Group
> [email protected]
>
> Ce message est exclusivement destiné aux personnes dont le nom figure
> ci-dessus. Il peut contenir des informations confidentielles dont la
> divulgation est à ce titre rigoureusement interdite. Dans l'hypothèse
> où
> vous avez reçu ce message par erreur, merci de le renvoyer à l'adresse
> e-mail ci-dessus et de détruire toute copie.
>
> This message may contain confidential and proprietary material for the
> sole
> use of the intended recipient. Any review or distribution by others is
> strictly prohibited. If you are not the intended recipient, please
> contact
> the sender and delete all copies.
>
>
>
> -----Message d'origine-----
> De : Mailing list for discussion of Firewall-1
> [mailto:[email protected]]De la part de Lars
> Troen
> Envoyé : mercredi 5 mars 2003 11:55
> À : [email protected]
> Objet : [FW-1] Ftp from a MAC client
>
>
> I have an external Mac user trying to access an ftp server, but he's
> not
> able to do anything. We're not using the ftp security server, but it
> SmartDefense is triggering. Both the client and the server are behind
> natted
> gateways. Can anyone explain what's happening? I'm a bit sceptical on
> disabling "FTP Bounce" in SmartDefense.
>
> Attack Info: ftp address mismatch: ip_src != command_src
> message_info: Illegal port command (port = 0)
>
> Lars
>
> =================================================
> To set vacation, Out Of Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================
>

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.