No, it's not passive ftp. It's normal ftp. I have the allow dynamic ports
for defined services enabled. I'm still having the problem.
Nathaniel Davis
Senior Unix Administrator
Subaru of America
ndavis AT subaru DOT com
856-488-3150
-----Original Message-----
From: albnix [mailto:a.nizzero AT TISCALI DOT IT]
Sent: Tuesday, April 27, 2004 4:20 PM
To: FW-1-MAILINGLIST AT amadeus.us.checkpoint DOT com
Subject: Re: [FW-1] R54 and FTP
passive ftp ?
Reinhard Stich wrote:
> hi,
>
> what error do you see in your log-viewer?
>
> cheers
> reinhard
>
> At 18:54 26.04.2004, you wrote:
>
>> Hi all.
>>
>> My questions is this. I have Checkpoint R54 installed on a IP330.
>> My rules
>> allow incoming and outgoing ftp's. When I am using a web browser and
>> I try to download a file from a remote site. The ftp request goes
>> out on a port other than 21. It goes out on higher ports. Thus,
>> Checkpoint drops the request, because it isn't in the rules. How can
>> I get checkpoint to allow these connections, without having to add
>> different ports from everywhere. I don't want to open all ports.
>> Any help is appreciated. I'm guessing it's a Smart Defense thing,
>> but am not sure.
>>
>> Nathan
>>
>> =================================================
>> To set vacation, Out-Of-Office, or away messages, send an email to
>> LISTSERV AT amadeus.us.checkpoint DOT com
>> in the BODY of the email add:
>> set fw-1-mailinglist nomail
>> =================================================
>> To unsubscribe from this mailing list, please see the instructions at
>> http://www.checkpoint.com/services/mailing.html
>> =================================================
>> If you have any questions on how to change your subscription options,
>> email fw-1-owner AT ts.checkpoint DOT com
>> =================================================
>
>
> --
> Reinhard Stich ASSIST R.Stich AT internet-security DOT at
> Internet Security AG, 1150 Wien, Johnstrasse 29
> Tel: +43 1 3709440 RS784-RIPE Fax: +43 1 3709440-333
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> fw-1-owner AT ts.checkpoint DOT com
> =================================================
>
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
