Joaquim,
What does the log say about the 'Entering Passive'
mode. Does it get dropped/rejected?
Robert
- -
Robert P. MacDonald, Network Engineer
e-Business Infrastructure
G o r d o n F o o d S e r v i c e
Voice: +1.616.261.7987 email: [EMAIL PROTECTED]
>>> Joaquim Eudes Mendes Gomide <[EMAIL PROTECTED]> 6/27/00 2:30:42 PM >>>
>
>Aylton
>Checked. I can ftp to some sites like ftp.redhat.com, but another sites,
>I can t.
>
>This snoop is a FTP to ftp.redhat.com,
>
>Internal Interface
>208.178.165.228 -> MyMachine FTP R port=31745 257 "/pub" is curren
>MyMachine -> 208.178.165.228 FTP C port=31745 PASV\r\n
>208.178.165.228 -> MyMachine FTP R port=31745 227 Entering Passive
>
>External Interface
>MyMachine -> 208.178.165.228 FTP C port=1271 PASV\r\n
>208.178.165.228 -> MyMachine FTP R port=1271 227 Entering Passive
>MyMachine -> 208.178.165.228 FTP C port=1271 TYPE A\r\n
>Everything is OK
>----------------------------------------------------------------------------------
>
>This snoop is a FTP to ftp.microsoft.com
>Internal Interface
>207.46.133.140 -> MyMachine FTP R port=3285 215 Windows2000\r\n
>MyMachine -> 207.46.133.140 FTP C port=3285 PWD\r\n
>207.46.133.140 -> MyMachine FTP R port=3285 257 "/" is current d
>MyMachine-> 207.46.133.140 FTP C port=3285 PASV\r\n
>MyMachine -> 207.46.133.140 FTP C port=3285 PASV\r\n
>MyMachine -> 207.46.133.140 FTP C port=3285 PASV\r\n
>MyMachine-> 207.46.133.140 FTP C port=3285 PASV\r\n
>MyMachine -> 207.46.133.140 FTP C port=3285 PASV\r\n
>MyMachine -> 207.46.133.140 FTP C port=3285 PASV\r\n
>MyMachine -> 207.46.133.140 FTP C port=3285
>207.46.133.140 -> MyMachine FTP R port=3285
>
>External Interface
>207.46.133.140 -> MyMachine FTP R port=33664 215 Windows2000\r\n
>MyMachine -> 207.46.133.140 FTP C port=33664 PWD\r\n
>207.46.133.140 -> MyMachine FTP R port=33664 257 "/" is current d
>MyMachine -> 207.46.133.140 FTP C port=33664 PASV\r\n
>207.46.133.140 -> MyMachine FTP R port=33664 227 Entering
>Passive <=====
>MyMachine -> 207.46.133.140 FTP C port=33664
>MyMachine -> 207.46.133.140 FTP C port=33664 PASV\r\n
>MyMachine -> 207.46.133.140 FTP C port=33664 PASV\r\n
>MyMachine -> 207.46.133.140 FTP C port=33664 PASV\r\n
>MyMachine -> 207.46.133.140 FTP C port=33664 PASV\r\n
>MyMachine -> 207.46.133.140 FTP C port=33664 PASV\r\n
>MyMachine -> 207.46.133.140 FTP C port=34224
>207.46.133.140 -> MyMachine FTP R port=34224
>
>At the external interface we can see the PASV response at the 5th line,
>but there is no response at the internal interface, so it tries again
>and again and disconnect. Why? Why RedHat works and MS does not?
>
>Any other Tips
>
>Thanks
>
>Joaquim Gomide
>
>
>
>Joaquim,
>
>I think I have a tip for you.
>
>After v4.0 SP3 or 4 (I don't remember, maybe someone in the list can
>remember) CP stopped its support for some FTP servers that use non
>default
>high ports. It caused some discomfort in some cases I've worked on, but
>I'm
>not sure if this is your problem.
>
>Check if your PASV option from the GUI, just to be sure.
>
>Best wishes,
>
>Aylton
>
>
>-----Mensagem original-----
>De: Joaquim Eudes Mendes Gomide <[EMAIL PROTECTED]>
>Para: fw-list <[EMAIL PROTECTED]>
>Data: Ter�a-feira, 27 de Junho de 2000 10:08
>Assunto: Re: [FW1] FTP can't connect to certain servers.
>
>
>>
>>Hi Aylton,
>>It s fw-1 V4.0 Build 4156 on Solaris (Sparc). It s stopped after
>>upgrading from 3.0b.
>>
>>Joaquim Gomide
>>
>>
>>Hm.. WHat's your plattaform, version and patch level?
>>
>>I thing I may have a tip.
>>
>>It never worked or it stopped working after a given event (Ex: patch,
>>upgrade, change)
>>
>>best wishes
>>
>>Aylton
>>
>>-----Mensagem original-----
>>De: Joaquim Eudes Mendes Gomide <[EMAIL PROTECTED]>
>>Para: fw-list <[EMAIL PROTECTED]>
>>Data: Segunda-feira, 26 de Junho de 2000 11:20
>>Assunto: RE: [FW1] FTP can't connect to certain servers.
>>
>>
>
>--
> /\// Joaquim Eudes Mendes Gomide
> / /\ Analista de Informatica
> \/ / Banco do Brasil S.A. http://www.bancobrasil.com.br
> / /\ Fone: (061) 310-6303 (Brasil: +55) Fax: (061) 310-6386
> \/ / mailto:[EMAIL PROTECTED]
> //\/ I am on my own. It s not Banco do Brasil s opinion.
>
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
