Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 6 replies
  • Subscribers 44 subscribers
  • Views 34092 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

FTP passive mode

Alexey Komarov

Hello, everyone!

So, i've joined the family of Sophos XG users - built my own using industrial MSI motherboard - works like charm :)
However, i've stumbled upon an issue - trying to configure home FTP server. 

Rule for port 22 works fine. Trying to get FTP Passive mode - no dice.

Tried redirecting specific ports - no dice.

Tried setting ftp bounce policy to data - did not help.

Logs shows"Could not associate packet to any connection."

Using fresh install of XG 17.

Has anyone succeeded setting up passive FTP?

I've read that UTM had special function to dynamically scan ftp traffic and open correct ports. Could not find anything in XG. .

 

Thanks.



This thread was automatically locked due to age.
Parents
  • 0

    Hello everyone, 

     

    I've been worked a lot of hours but i made it :)

     

    Just create a business rule on firewall page .

    Source > WAN

    Destination > Your WAN Port

    Services > Create New >

    TCP - Source: 1:65535 - Destination 21

    TCP - Source: 1:65535 - Destination 990

    TCP - Source: 1:65535 - Destination 50000:51000 (don't forget the set filezilla passive port to 50000:51000)

     

    Forward to > Protected Server: (Your ftp server) - Protected Zone: LAN

     

    Tick >Create Reflexive Rule

     

    Open console > 4. Device Console >

    set advanced-firewall ftpbounce-prevention data 

     

    It works perfectly on me. 

     

  • 0 in reply to Kayhan Kaynak

    Been trying to get FileZilla Server to work through Sophos XG for a while now. I am using an app FTPSync that first gathers a directory listing then compares with local files, and syncs only changed files. It gets through about 10-20 directories (LIST commands) then halts and pauses for 30 seconds or more, then gets through a few more directories, pauses, and so forth. That's both before and after adding the settings above.

    Normal FTP connection and browsing using FileZilla client worked before I added settings above, but when browsing around folders within a minute or so it too pauses and I can't get to new folders for a while.

    On the server side it just disconnects after a while of the pause. The client reconnects, gets a few more directories, pauses, server disconnects and client reconnects. Rinse and repeat. Anyone have ideas?

    FileZilla Server running on Windows 10 with local firewall disabled for now.

Reply
  • 0 in reply to Kayhan Kaynak

    Been trying to get FileZilla Server to work through Sophos XG for a while now. I am using an app FTPSync that first gathers a directory listing then compares with local files, and syncs only changed files. It gets through about 10-20 directories (LIST commands) then halts and pauses for 30 seconds or more, then gets through a few more directories, pauses, and so forth. That's both before and after adding the settings above.

    Normal FTP connection and browsing using FileZilla client worked before I added settings above, but when browsing around folders within a minute or so it too pauses and I can't get to new folders for a while.

    On the server side it just disconnects after a while of the pause. The client reconnects, gets a few more directories, pauses, server disconnects and client reconnects. Rinse and repeat. Anyone have ideas?

    FileZilla Server running on Windows 10 with local firewall disabled for now.

Children
No Data
Unfiltered HTML