Great Circle Associates Firewalls
(January 1998)

Subject: Re: solaris 2.5.1 ftp server on inside of firewall
From: Rick Murphy <rmurphy @ itm-inst . com>
Date: Fri, 23 Jan 1998 22:29:35 -0500
To: Jesse White <jwhyte @ mail . state . tn . us>
Cc: <firewalls @ GreatCircle . COM>
In-reply-to: <s4c867c6 . 002 @ langate . tnet . state . tn . us>

At 09:49 AM 1/23/98 -0600, Jesse White wrote:
>The communication coming back from the server to the client originates
>from a high numbered port, NOT port 20.

You're going to have to diagram this - specify who the server is and
who the client is - to help us understand. If what you're doing is:


[Solaris ftpd] <---> [ Smartwall ] <---> [client program]
And you call this part here ---------^
the server-to-client connection - that's the default behavior for
ftp-gw (for FWTK, Gauntlet, and I assume Smartwall.) The ftp-gw
doesn't use a fixed port for its data connection back to the client.
It uses a random high port. (There is a Gauntlet patch to allow you
to force this to a particular port number.)
If your "server to client" connection is between the ftpd and the firewall,
that's another matter.
	-Rick
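
The behaviour described in this message, as an added example (not part of the original post, and not FWTK, Gauntlet or Smartwall code): a loopback sketch in which a sender opens an active-mode FTP data connection without binding its source port, so the connection arrives from a kernel-chosen high port and fails a filter rule that expects source port 20. All function names and the loopback client are assumptions made for illustration.

```python
import socket

FTP_DATA_PORT = 20  # source port a classic ftpd uses for active-mode data


def parse_port_command(line):
    """Decode 'PORT h1,h2,h3,h4,p1,p2' into (ip, port) per RFC 959."""
    verb, _, args = line.strip().partition(" ")
    fields = [int(x) for x in args.split(",")]
    if verb.upper() != "PORT" or len(fields) != 6 or not all(0 <= f <= 255 for f in fields):
        raise ValueError("malformed PORT command: %r" % line)
    return ".".join(map(str, fields[:4])), fields[4] * 256 + fields[5]


def format_port_command(ip, port):
    """Encode (ip, port) as the PORT line a client would send."""
    return "PORT %s,%d,%d" % (ip.replace(".", ","), port // 256, port % 256)


def proxy_style_data_connect(port_line):
    """Connect to the client's listener without bind(), as a sender that does
    not pin its data port would; return the source port the kernel picked."""
    ip, port = parse_port_command(port_line)
    with socket.create_connection((ip, port), timeout=5) as s:
        return s.getsockname()[1]


def strict_filter_allows(src_port):
    """Hypothetical rule admitting only data connections sourced from port 20."""
    return src_port == FTP_DATA_PORT


def demo():
    # Constructed client: listen on loopback and advertise the port via PORT.
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as listener:
        listener.bind(("127.0.0.1", 0))
        listener.listen(1)
        port_line = format_port_command(*listener.getsockname())
        src_port = proxy_style_data_connect(port_line)
        conn, peer = listener.accept()
        conn.close()
    return port_line, src_port, peer[1], strict_filter_allows(src_port)


if __name__ == "__main__":
    line, sent_from, seen_by_client, allowed = demo()
    print(line)
    print("sender source port:", sent_from, "client saw:", seen_by_client)
    print("passes 'source port 20 only' rule:", allowed)
```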


