Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: Checkoint Firewall and FTPS /SFTP

Checkoint Firewall and FTPS /SFTP 11 years 6 days ago #10174

I am having an issue when configuring FTPS running on a Windows server that using Serv-U ftp server. The issue is when I place a port into the configuration, say in the case the port is TCP 115. I am unable to connect to the FTP session. Regular ftp works fine. I am using a Checkpoint firewall with AI. The rule base shows ftp is allowed as well as SFTP (TCP port 115). Any thoughts why I get an error that basically states that the inital configuration is being allowed and then dropped. I suspect that I needed to also supply the port ranges for data. Thanks.

CAPSOS
The administrator has disabled public write access.

FTP 11 years 5 days ago #10199

  • TheBishop
  • TheBishop's Avatar
  • Offline
  • Moderator
  • Posts: 1719
  • Thank you received: 8
  • Karma: 5
You might be right. 'Normal' FTP uses two ports, one for control and another for the data. Try to find out the second port your application uses and open that too. Or two alternative methods would be
1) Stick in a temporary rule that does "pass all and log", run your FTP then examine the logs
2) Leave the firewall rules as they are but do a packet capture on your attempted FTP. Examine the trace to see what ports are used
The administrator has disabled public write access.

Duplicate Post 11 years 5 days ago #10201

  • TheBishop
  • TheBishop's Avatar
  • Offline
  • Moderator
  • Posts: 1719
  • Thank you received: 8
  • Karma: 5
This is a duplicate post with two sets of answers running. Perhaps one of our illustrious moderators would merge them? Thanks guys
The administrator has disabled public write access.

Any luck with this one? 10 years 10 months ago #11591

I am experiencing the same thing.

Did you guys have any resolution here? Hopefully?

Cheers,
Jimmy
The administrator has disabled public write access.

Problem 10 years 10 months ago #11602

  • TheBishop
  • TheBishop's Avatar
  • Offline
  • Moderator
  • Posts: 1719
  • Thank you received: 8
  • Karma: 5
Hi Jimmy
You need to find out what ports are being used. Try the two suggestions in my earlier post and see if that gives you the details. Alternatively, post more info and we'll try to help
The administrator has disabled public write access.

Re: Checkoint Firewall and FTPS /SFTP 10 years 10 months ago #11634

  • nske
  • nske's Avatar
  • Offline
  • Expert Member
  • Posts: 613
  • Karma: 0
Sorry for the pause, in case TheBishop wonders why the duplicate threads were not merged as he had correctly pointed out, it's because that is not technically possible through the forum script. So everyone please avoid opening duplicate topics! thanks
The administrator has disabled public write access.
Time to create page: 0.083 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup