Hi,
We are having 2 problems with Active FTP (Non Passive) on FireWall-1 4.1 's
Problem 1:
Passive FTP through SecuRemote is working correctly and there are no problems
but with Active FTP the Data connections gets dropped by the FireWall on the
cleanup rule in the release.
Environment:
FTP is defined as a service in the SecuRemote rule.
No other rules match for the SecuRemote traffic.
FireWall is running 4.1SP3 on Solaris.
SecuRemote 4.1SP4 and 5.0
IP Pools
IKE Static Password
Problem 2:
Passive FTP is working OK in both directions but normal-mode FTP fails either
from an internal client to an internet server or from an internet client to an
internal server.
An FTP connection can be made but as soon as a 'dir' command is
issued the connection is closed by the remote server. Running snoop on
the firewall shows that the firewall sends a RESET immediately following
the PORT command, the ftp server does not send a RESET. Nothing is seen in the
firewall logs apart from the initial connection.
FTP sometimes works correctly after a reboot of the firewall or a stop start
but breaks when a policy is re-installed.
Problem has been seen on FireWall-1 4.1SP3 and SP5 on Solaris and NT.
I have seen Problem 2 mentioned on mailing lists but have never seen a solution.
Your help is appreciated
Neal
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
