[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Ftp from a MAC client
Thank you Bill, That's what I thought after sending the mail! I asked my customer to try in passive mode but he didn't try yet. Thanks for your quick answer! Regards, Olivier RAFAEL Network Manager Sopra Group [email protected] -----Message d'origine----- De : Mailing list for discussion of Firewall-1 [mailto:[email protected]]De la part de Bill Husler Envoyé : lundi 30 juin 2003 17:57 À : [email protected] Objet : Re: [FW-1] Ftp from a MAC client The reference to the PORT command may be tellling. FIrewalls in general have problems with ACTIVE FTP and the use of the PORT command is an indication that your are in ACTIVE mode. On the Mac, you can simply enter the command: passive to change modes and avoid a wide variety of problems surrounding active ftp. On windows, it gets a little more tricky as the command line ftp client on windows does not support passive mode (they never updated it). You can, however, use IE by setting it to use passive mode as using it to access the ftp site. You can set it to passive by accessint the TOOLS menu and selecting Internet options, then Advanced and scrolling down to "use passive ftp". We have an outstanding trouble ticket with our support vendor that has been escalated to Checkpoint regarding active ftp -the closest thing we have gotten to an answer is that it may be addressed (note they don't say fixed) in fp4. Bill On Monday, June 30, 2003, at 08:31 AM, Rafaël Olivier wrote: > Hello, > > I'm meeting the same error from a Windows client to an Unix server. > and both are behind 2 natted Firewalls (one is CP NG FP3 and other is > Netfilter based firewall). > > Im'looking for a solution.. but can't find anything on google... > > Any Idea/solution ? > > Regards, > > > Olivier RAFAEL > Network Manager > Sopra Group > [email protected] > > Ce message est exclusivement destiné aux personnes dont le nom figure > ci-dessus. Il peut contenir des informations confidentielles dont la > divulgation est à ce titre rigoureusement interdite. Dans l'hypothèse > où > vous avez reçu ce message par erreur, merci de le renvoyer à l'adresse > e-mail ci-dessus et de détruire toute copie. > > This message may contain confidential and proprietary material for the > sole > use of the intended recipient. Any review or distribution by others is > strictly prohibited. If you are not the intended recipient, please > contact > the sender and delete all copies. > > > > -----Message d'origine----- > De : Mailing list for discussion of Firewall-1 > [mailto:[email protected]]De la part de Lars > Troen > Envoyé : mercredi 5 mars 2003 11:55 > À : [email protected] > Objet : [FW-1] Ftp from a MAC client > > > I have an external Mac user trying to access an ftp server, but he's > not > able to do anything. We're not using the ftp security server, but it > SmartDefense is triggering. Both the client and the server are behind > natted > gateways. Can anyone explain what's happening? I'm a bit sceptical on > disabling "FTP Bounce" in SmartDefense. > > Attack Info: ftp address mismatch: ip_src != command_src > message_info: Illegal port command (port = 0) > > Lars > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|