
Settings for outgoing FTPS connections?

I'm trying to permit outgoing SFTP connections, but I'm having trouble figuring out the minimal set of permissions needed.

Looking in the logs when attempting to connect to a server, I can see that an initial connection over 990 is being attempted. OK, that's one external port, I can add that. Possibly also 989 as well (as it can also be used). But then the connection fails, and the logs show attempts being made over 10210 and 10067, which seemed to have been picked at random. If FTPS is using randomized ports, how can I create a secure rule in Sophos to keep the number of ports to a minimum?



This thread was automatically locked due to age.
  • This is a problem for me too.

    As you have already observed, FTP(s) use random high ports for transferring data.

    The FTP-Connection-tracking-helper can recognize this negotiation and opens the dynamic ports.

    But with FTPS it's blind.

    I recommend SFTP/SSH copy in these cases. Both use port 22 TCP only.

     


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
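Why the connection-tracking helper is blind with FTPS, as an added example that is not part of the original posts: on plain FTP the helper reads the server's 227/229 reply on the control channel to learn the data port, but inside TLS the same reply is ciphertext. The sample replies, the TLS record bytes and the function name are constructed for illustration; the two ports are the ones quoted in the question.

```python
import re

# Passive-mode replies a plaintext FTP helper looks for on the control channel.
PASV_RE = re.compile(
    rb"^227 [^(]*\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)")
EPSV_RE = re.compile(rb"^229 [^(]*\(\|\|\|(\d{1,5})\|\)")


def data_port_from_control(payload: bytes):
    """Return (ip_or_None, port) announced in a control-channel payload,
    or None when no passive-mode reply is readable (hypothetical helper)."""
    for line in payload.split(b"\r\n"):
        m = PASV_RE.match(line)
        if m:
            nums = [int(x) for x in m.groups()]
            if any(n > 255 for n in nums):
                continue  # malformed reply, ignore it
            ip = ".".join(str(n) for n in nums[:4])
            return ip, nums[4] * 256 + nums[5]  # port = p1*256 + p2
        m = EPSV_RE.match(line)
        if m:
            port = int(m.group(1))
            if 0 < port <= 65535:
                return None, port  # EPSV reuses the control-channel address
    return None


# Constructed samples (192.0.2.10 is a documentation address).
PLAIN_PASV = b"227 Entering Passive Mode (192,0,2,10,39,226)\r\n"
PLAIN_EPSV = b"229 Entering Extended Passive Mode (|||10067|)\r\n"
# TLS 1.2 application-data record header followed by 48 stand-in ciphertext
# bytes: what a firewall sees of the same reply on an FTPS control channel.
TLS_RECORD = bytes([0x17, 0x03, 0x03, 0x00, 0x30]) + bytes(range(0x80, 0xB0))

if __name__ == "__main__":
    for name, payload in [("plain PASV", PLAIN_PASV),
                          ("plain EPSV", PLAIN_EPSV),
                          ("FTPS record", TLS_RECORD)]:
        print(f"{name:12} -> {data_port_from_control(payload)}")
```

With nothing to parse, the firewall cannot open a pinhole for the negotiated data port, so the data connection to the high port is dropped unless a broad static rule allows it.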