Don't use an FTP resource. In NG AI go to SmartDefense, FTP, FTP Security Server and make sure "Configurations apply only to connections related to resources used in the Rule Base" is selected.
Then your FTP rule would just be for service FTP. Chris -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of richard belt Sent: Monday, February 02, 2004 10:44 AM To: [EMAIL PROTECTED] Subject: [FW-1] EPSV/EPRT not supported Dear all, I have noticed that ftp commands EPSV and EPRT, (which supersede PASV and PORT) are not supported on FW1-NG. In fact they are quietly blocked without sending a "500 Command Not Supported" message back to the client. This means that all new ftp clients (for example all BSD based clients: NetBSD, FreeBSD, OpenBSD etc) which by default first try EPSV/EPRT hang until timed out when the connection goes through via a FW1-NG. Does anyone on this list know a workaround or procedure to get these two commands through FW1-NG? Does anyone know if Checkpoint plans to sort out this problem? The longer it takes the more new ftp clients out there that will fail. Thanks, Richard Belt. ------------- __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free web site building tool. Try it! http://webhosting.yahoo.com/ps/sb/ ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
