Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 5 subscribers
  • Views 2374 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Unable to access sFTP

Chris Alben

Hello,

My first post here.

Appliance is a Sophos UTM SG230 (Firmware 9.703-3)

I have a client who is currently unable to access an external sFTP Server. The correct Firewall Rule has been added, and during testing, I can see the packet leaving the firewall, however, the response seems to never be received. I have tested outside of the network and it works absolutely fine. If I disable the Firewall Rule and try to connect, not only do I see that the packets are dropped, but the connection will also timeout (as expected). If, however, I switch the Firewall Rule on, I can see the packet leave the network, but almost immediately, I get an error stating "Software caused network abort". I have tested with WinSCP and PuTTY, both give the same error.

Due to the fact that this works outside of the network, and that I am getting different responses depending upon whether the correct rule is enabled leads me to believe that the firewall is the cause of the issue. I have trawled the web for hours, checked all of the logs, but nothing shows (except the packet leaving the network in the Firewall Logs). 

Is there anything I may have overlooked? Any help would be much appreciated.

TIA,

Chris



This thread was automatically locked due to age.
Parents
  • 0

    Hi Chris and welcome to the UTM Community!

    Do you learn anything from doing #1 in Rulz (last updated 2019-04-17)?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Hi Bob,

    Thanks for the response... I did indeed check the logs, there is nothing there of any value. After performing a WireShark, I can see that the remote server is terminating the connection, though, we're still unsure why. Due to the provider of the sFTP Server containing very sensitive information, I have asked the Client to liaise with the provider to see if they can supply any logs to help point us in the right direction... I will pop an update back here once I have more info or a resolution.

    Thank you Slight smile

Reply
  • 0 in reply to BAlfson

    Hi Bob,

    Thanks for the response... I did indeed check the logs, there is nothing there of any value. After performing a WireShark, I can see that the remote server is terminating the connection, though, we're still unsure why. Due to the provider of the sFTP Server containing very sensitive information, I have asked the Client to liaise with the provider to see if they can supply any logs to help point us in the right direction... I will pop an update back here once I have more info or a resolution.

    Thank you Slight smile

Children
No Data
Unfiltered HTML