FTP Issues

[desiac]

Hi all,

having a really weird problem with our fw-1, ftp connections have been running fine through our perimeter firewall for months if not years without any problems. Starting early this week, basically no data commands are making it through our external firewall (ls,dir,put,get,mput....). Users can sucesfully connect in, establsh a session & traverse the directory structre, just no data commands.

Firewall policy hadn't changed in over a week, then problems out of no where. Nothing is shown as dropped or denied in tracker, showing accepts 99.99% of the time, recived a cpl SmartDefence "monitors" but very sparatic, maybe seen 2 or 3 of them. Everything in the policy is set to log.

Once i saw the smartdefence stuff i assumed it ws playing up or someone had been tinkering. We enabled smartdefence back in June, so in the policy, under the smartdefence tab, i have disabled all smartdefence features (confirmed nothing was ticked). reburnt the policy, and still the same problem.

Wondering if anyone has experianced anything similar or has any ideas?

really appreciate it,

thnx :)

[melipla]

Smart Defense updates have been known to cause problems. Have you updated your Smart Defense recently? If so, can you revert to a database revision control prior to the SD update [as reverting will restore the previous SD definitions]? Otherwise try updating the definitions again.

[hotice_]

Sounds like SmartDefense to me...

try disabling the whole module just to test this and this will confirm it..


I've had problems in the past where even with that specific defense unchecked, I was still having issues until I completely disabled the module...

[reticent]

You could also consider using the "ftp-basic" tcp service rather than "ftp". It enforces some it's smart defense checks a little less stringently.

[desiac]

thanks all, once i disabled smart defence all systems functioning correctly :)

[hotice_]

Quote:

Originally Posted by desiac

thanks all, once i disabled smart defence all systems functioning correctly :)

This HAS to be the most used solution to most problems in R65 :)

[melipla]

Quote:

Originally Posted by hotice_

This HAS to be the most used solution to most problems in R65 :)

Better make that NGX :)

[vijayant]

Hi All
Similar problem we faced regarding some windows Drive share and data transfer. The user was able to connect to the shared drive through firewall but could not put or get data. Finally we found it was a MTU issue. Allow ICMP in smart defence as it is used to find out MSS..