
View Full Version : SRV to SRV behind a Checkpoint FW


jebus
04-14-2003, 04:22 PM
Hi all,

Having trouble figuring out what needs to be allowed in my FW policy.

I have one FTP server behind the NG1 SP3 firewall... the other isn't behind a FW.
My FW keeps killing the connection to the server that I am sending to, whether it's mine behind the FW or the other way around.
When I check the FW log it doesn't list a rule dropping it, but rather the "SMART DEFENSE" module, which is an add-in for the NG1.

It keeps thinking it's being attacked. Here is the FW log error:

Attack INfo : ftpaddress mismatch: ip_src!=command_src message_info: Illegal port command (port=0)


Someone please shed some light on this.

TIA!

MxxCon
04-14-2003, 06:23 PM
I'm not really familiar with your firewall, but just in case...
Some firewalls don't like FXP because, like that rule says, the IP of the control connection is different from the one sent with the PORT command. This rule is sometimes called "bounce attack" prevention.

Also, you could try "Alternative FXP" from the site manager. That could fix the problem with your firewall.
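
Added example, not part of the thread and not Check Point's code: a minimal sketch of the kind of check the log message describes, comparing the address inside a PORT command with the control connection's source address and rejecting port 0. The function names, the extra privileged-port check and the sample addresses are assumptions made for illustration.

```python
import ipaddress
import re

# RFC 959 PORT argument: h1,h2,h3,h4,p1,p2 (six decimal octets)
_PORT_RE = re.compile(r"^PORT\s+(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\s*$", re.I)

def parse_port(line):
    """Return (ip, port) from an FTP PORT command, or None if malformed."""
    m = _PORT_RE.match(line.strip())
    if not m:
        return None
    octets = [int(x) for x in m.groups()]
    if any(o > 255 for o in octets):
        return None
    ip = ipaddress.IPv4Address(".".join(map(str, octets[:4])))
    port = octets[4] * 256 + octets[5]  # p1 is the high byte, p2 the low byte
    return ip, port

def inspect_port(ip_src, line):
    """Findings for one PORT command seen on a control connection from ip_src."""
    parsed = parse_port(line)
    if parsed is None:
        return ["malformed PORT command"]
    command_src, port = parsed
    findings = []
    # FXP (server-to-server) always trips this: the data address is a third host.
    if command_src != ipaddress.IPv4Address(ip_src):
        findings.append(f"address mismatch: ip_src={ip_src} command_src={command_src}")
    if port == 0:
        findings.append("illegal port (port=0)")
    elif port < 1024:  # assumed extra check, not taken from the thread
        findings.append(f"privileged port ({port})")
    return findings

# Constructed sample traffic using documentation address ranges
SAMPLES = [
    ("192.0.2.10", "PORT 192,0,2,10,19,137"),    # ordinary active-mode transfer
    ("192.0.2.10", "PORT 198,51,100,7,19,137"),  # FXP: data sent to a third host
    ("192.0.2.10", "PORT 192,0,2,10,0,0"),       # port 0
]

if __name__ == "__main__":
    for src, cmd in SAMPLES:
        print(src, cmd, "->", inspect_port(src, cmd) or "ok")
```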

jebus
04-15-2003, 08:41 AM
I thought I tried turning off the bounce attack prevention.

But I will give the alternate FXP a shot.

Thanks for your suggestion.