Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

FTP passive mode

Hello, everyone!

So, i've joined the family of Sophos XG users - built my own using industrial MSI motherboard - works like charm :)
However, i've stumbled upon an issue - trying to configure home FTP server. 

Rule for port 22 works fine. Trying to get FTP Passive mode - no dice.

Tried redirecting specific ports - no dice.

Tried setting ftp bounce policy to data - did not help.

Logs shows"Could not associate packet to any connection."

Using fresh install of XG 17.

Has anyone succeeded setting up passive FTP?

I've read that UTM had special function to dynamically scan ftp traffic and open correct ports. Could not find anything in XG. .

 

Thanks.



This thread was automatically locked due to age.
Parents Reply Children
  • Hello!

    Yes, forgot to mention i've scoured through ftp topics :)

    Yeah, i've tried it - didn't help...

    Setting FTP server to report internal ip just gives me:

    Status: Logged in
    Status: Retrieving directory listing...
    Status: Server sent passive reply with unroutable address. Using server address instead.

    If i specify public ip - it gets stuck on 

    Status: Logged in
    Status: Retrieving directory listing...

    These are my rules

    Logs also mark it as invalid traffic.

    Any ideas?

  • In my case, besides the passive port assignment, you need to set parameter in console as following.

    set advanced-firewall ftpbounce-prevention data

    Try it~

  • ShunzeLee said:

    In my case, besides the passive port assignment, you need to set parameter in console as following.

    set advanced-firewall ftpbounce-prevention data

    Try it~

     

     

    You're right. I did too. I'm adding now.