FYI - for FW-1 NG AI R55, I fixed this in SmartDashboard using: SmartDefense -> Application Intelligence -> FTP -> FTP Security Server Turn "Prevent Known Ports Checking" ON to DISABLE the test. :-/
Andy. Mailing list for discussion of Firewall-1 <[email protected]> wrote on 14/03/2005 16:44:47: > I am trying to resolve an issue where our user is getting the occasional > "425 Security Server forbids PORT redirection" when connecting to an FTP > stie. > As this is an MS FTP client, I imagine it is due to it's use of source > ports below 1024 :-) > I have modified the aftpd.conf file as described in Solution ID > 10022.0.2917673.2504701 (search SK for "ftp port error" to get the "Forcing > the File Transfer Protocol (FTP) Security Server to allow unsafe commands > from the client" article), but I am still getting the error. I have > created the specified file with one line which reads port_spoof=1 > I have also saved and re-applied the rulebase, but have not tried > restarting CP or rebooting the server. I note that the solution header > says latest version = 4.1, but the "applies to" list also includes NG AI > R55 (which is what I am running). > Can anyone advise why I am still getting the errors? > TIA, > Andy. ##################################################################################### This email is intended for the person to whom it is addressed only. If you are not the intended recipient, do not read, copy or use the contents in any way. The opinions expressed may not necessarily reflect those of ZESPRI Group of Companies ('ZESPRI'). While every effort has been made to verify the information contained herein, ZESPRI does not make any representations as to the accuracy of the information or to the performance of any data, information or the products mentioned herein. ZESPRI will not accept liability for any losses, damage or consequence, however, resulting directly or indirectly from the use of this e-mail/attachments. ##################################################################################### ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
