Hoping someone can help. Sorry about the repost, but I received no response the first time.
I have an FTP server (WU-FTP) in my DMZ on a separate interface. I'm running FW-1 v4.0 SP5 on Solaris 2.6.
Recently I added the IP spoofing rules to the 3 interfaces on the firewall. Everything seems to be working fine except for internal users getting to the FTP server. The logs show that the connection is accepted, but the user is unable to do anything beyond connect, with proper userid and password. Once they try an 'ls' or anything else, it fails.
I show no related rejects on rule 0, but if I remove the IP spoofing rules, everything works properly.
My anti-spoofing setup is as follows:
External interface -> Others
DMZ interface -> Specific group object which includes 192.168.x.x, external addresses for all DMZ machines, NAT addresses.
Local interface -> Specific group object which includes 10.x.x.x, NAT address for 10.x.x.x machines,
Any ideas would be greatly appreciated!
Thanks,
Jim Gadrow
[EMAIL PROTECTED]
