Hello everyone,
I'm getting in trouble since I tried to configure my FTP client with an active connection instead of a passive one. My FTP client is Cobian Backup 11 with who I'm using a TLS connection with the followings settings :
And I use FileZilla as FTP server. I won't providing you the settings of it, there are too many. Althought, I'm pretty sure that the problem isn't coming from FileZilla because I'm able to set up a TLS connection with the active FTP mode with another FTP client who's not behind my Sophos UTM using the same Cobian's settings.
I precise by the way that when I disable the TLS connection, I manage to use the FTP active mode.
To understand the problem I first used wireshark on my FTP server. Firstly with etablishing a connection with my FTP client behind the Sophos and I saw that :
I'm not able to understand this rapport of wireshark which appears in the last layer (TCP) but I guess that the acknowledgment that the client replied isn't good.
To compare, here is the wireshark capture at the same line with the working FTP client (without UTM) :
Here is no problem in the acknowledgment reply. We can see that there isn't any "Options" line between the "Flags" and "SEQ/ACK analysis" lines to compare with the other capture. What is it ?
Then after to use Wireshark I looked at my firewall logs of the FTP server and the FTP client that doesn't work. There is something very strange here :
We can see that my FTP server (10.69.1.4) is sending something from the port 20 to the port 31 000 of the FTP client. However, when I'm looking at the firewall logs of my client, this packet doesn't appears.
I don't understand what's going on here, if you have any idea you're welcome. Thanks for your help.
This thread was automatically locked due to age.
