Firewalls: ftp problem

Firewalls
(June 1996)

Indexed By Thread: [Previous] [Next]

Subject:	ftp problem
From:	Darwin Martinez <Darwin_Martinez @ INS . COM>
Date:	Thu, 20 Jun 1996 21:29:19 -0400
To:	firewalls @ greatcircle . com

All:

When I ftp to a site, FW-1 allows the ftp connect (21) but then blocks the
return data (ftp-data 20?). My rulebase allows both ftp & ftp-data from the
internal nets outward. I'm doing NAT. After i connect, i see the actions
taking place (cd, dir, etc.) on the FTP screen, but the responses are
blocked by my inplicit deny rule I have (any,any,any,reject). Basically, I
can't see the contents of the directory that has been CD'd to.

Any ideas?? Thanks.
------------------------------------------------------------------------
Darwin L. Martinez			Email:	darwin_martinez @
 ins .
 com
Network Systems Engineer		Site #:	404-843-5954
International Network Services		Pager:	800-INS-1-INS
Atlanta Office
------------------------------------------------------------------------

Follow-Ups:

Re: ftp problem
From: Dave Roberts <djr @ saa-cons . co . uk>
Re: ftp problem
From: Mathias Kolehmainen <ripper @ dataway . com>

Indexed By Date	Previous:	Re: Security Check Program(s) From: nkeenan @ gsionline . com (Nick Keenan)
Indexed By Date	Next:	Re: Breaking In..... From: Barbara Jaarsma <barbara @ us . checkpoint . com>
Indexed By Thread	Previous:	RE: Security Check Program(s) From: Alex Filacchione <alexf @ iss . net>
Indexed By Thread	Next:	Re: ftp problem From: Mathias Kolehmainen <ripper @ dataway . com>