Drops the connection or hangs? Both the ls and dir commands require use of
the data stream. I'd suspect that doing a get or put would cause the same
problem.
I'd check that the secure ftp server is ONLY using port 20 for data since
Checkpoint doesn't support anything else; it (the secure FTP server) may not
since using port 20. Depending on who you talk to, using port 20 for data is
viewed as more secure or less secure - seems like the argument depends on if
the firewall is packet or proxy based.
If the command stream (port 21) is encrypted, then Checkpoint wouldn't see
the port command (nor would any firewall) and wouldn't know to expect the
connection and that would probably hang. (A proxy firewall, in fact, would
probably not work at all with an encrypted command stream since its looking
at the commands which a packet firewall would be only looking for things it
recognized in the packets - but someone with experience could probably
answer that better than I.)
I'm not sure what Checkpoint would do if it started to receive traffic on
port 20 without expecting it. Its also possible that your secure server is
receiving something back during the data stream setup which it doesn't like
and is dropping. Sniffing the packets should provide you with who is doing
what.
> -----Original Message-----
> From: dhoffm - Don Hoffman [SMTP:[EMAIL PROTECTED]]
> Sent: Tuesday, February 29, 2000 10:36 PM
> To: [EMAIL PROTECTED]
> Subject: ftp to Secure Ftp site
>
> We are trying to ftp through a Netscreen firewall to a secure ftp server.
> The secure ftp server authenticates through a Checkpoint firewall 1. We
> can log into the
> ftp server but once we try to do a ls or a dir on the ftp directory it
> drops the connection. Any ideas what we may need to do. We have ports 21
> and 20 open.
> suggestions would be greatly appreciated.
>
> Don
>
>
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
