[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FW1] PASV Ftp Problems
[ The following text is in the "iso-8859-1" character set. ]
[ Your display is set for the "US-ASCII" character set. Some ]
[ characters may be displayed incorrectly. ]
I have a contractor with a need to make PASV ftp connections into my
network. I first tried bringing him in using SecuRemote but the connection
failed when the user tried to enter the 'PASS' command as part of the login
process--he telneted to port 21. The packet containing the 'P' in Pass was
never received at the firewall. We thought this could be attributed to the
SecuRemote Application.
We then tried to bring him in through PPTP, but were unable to establish
PASV ftp connections. The user was able to log all the way in this time,
but when the 'quote pasv' command was issue the ftp server's reply was never
received by the client and the session hung. We tried this telneting to
port 21, using ftp from the command line, and using a browser. Each time
the session hung.
I'm running FW-1 4.0 on NT 4.0 with SP4. The pasv ftp setting is checked in
my properties and all actions required for these connections to take place
are being permitted within the rule base. The log has no entries of drops
or rejects.
If anyone has experienced similar problems with either the SecuRemote
client, the PPTP client, or PASV ftp problems that might relate please let
me know what I might be able to try to fix this.
Thanks,
Stephen E. Summers
Data Security Consultant
AFLAC IT Security
706.596.3339
ssummers@aflac.com
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================