Hot Downloads



The forum is in read only mode.
Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1

TOPIC: Checkoint Firewall and FTPS /SFTP

Checkoint Firewall and FTPS /SFTP 13 years 5 months ago #10174

I am having an issue when configuring FTPS running on a Windows server that using Serv-U ftp server. The issue is when I place a port into the configuration, say in the case the port is TCP 115. I am unable to connect to the FTP session. Regular ftp works fine. I am using a Checkpoint firewall with AI. The rule base shows ftp is allowed as well as SFTP (TCP port 115). Any thoughts why I get an error that basically states that the inital configuration is being allowed and then dropped. I suspect that I needed to also supply the port ranges for data. Thanks.


FTP 13 years 5 months ago #10199

You might be right. 'Normal' FTP uses two ports, one for control and another for the data. Try to find out the second port your application uses and open that too. Or two alternative methods would be
1) Stick in a temporary rule that does "pass all and log", run your FTP then examine the logs
2) Leave the firewall rules as they are but do a packet capture on your attempted FTP. Examine the trace to see what ports are used

Duplicate Post 13 years 5 months ago #10201

This is a duplicate post with two sets of answers running. Perhaps one of our illustrious moderators would merge them? Thanks guys

Any luck with this one? 13 years 3 months ago #11591

I am experiencing the same thing.

Did you guys have any resolution here? Hopefully?


Problem 13 years 3 months ago #11602

Hi Jimmy
You need to find out what ports are being used. Try the two suggestions in my earlier post and see if that gives you the details. Alternatively, post more info and we'll try to help

Re: Checkoint Firewall and FTPS /SFTP 13 years 2 months ago #11634

  • nske
  • nske's Avatar
  • Offline
  • Expert Member
  • Expert Member
  • Posts: 613
  • Thank you received: 0
Sorry for the pause, in case TheBishop wonders why the duplicate threads were not merged as he had correctly pointed out, it's because that is not technically possible through the forum script. So everyone please avoid opening duplicate topics! thanks
  • Page:
  • 1
Time to create page: 0.105 seconds


Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V


  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup