I've seen this problem when using the Firewall Toolkit (www.fwtk.org) ftp proxy connecting through an NG AI firewall. To fix it I created a custom FTP service using the FTP-BASIC protocol type (advanced button in service properties).
I have little idea what impact this has for security, but as we were already proxying FTP in a DMZ, I didn't see any significant risk. Checkpoint certainly don't seem to document the specifics of FTP-BASIC very well. Regardless, it worked in our situation, and may well work for yourself if you're stuck for ideas. Regards, Dave Aitchison. > I think you can fix this in SmartDefense in AI instead of base.def. At > least R55 has a checkbox you can un-check. I'm pretty sure R54 does as > well from my past reading. > > Ray Pesek, CISSP > > > > > >>From: Oeztuerk Kerem <[EMAIL PROTECTED]> >>Reply-To: Mailing list for discussion of Firewall-1 >><[EMAIL PROTECTED]> >>To: [EMAIL PROTECTED] >>Subject: [FW-1] FTP-Problem with NG AI >>Date: Wed, 4 Feb 2004 17:43:55 +0100 >> >>Hi, >> >>I've installed a NG AI R54 and have problems with some FTP Servers. I >>get the following error : Port command ended without a new line. >> >>I have edited the base.def file and uncommented the line FTP_ENFORCE_NL >>on the Management Station and also on the module. Then reinstalled the >>policy but I still get the same error. >> >>Does anyone have any idea? >> >>Thanks in advance. >> >>================================================>To set vacation, >>Out-Of-Office, or away messages, send an email to >>[EMAIL PROTECTED] >>in the BODY of the email add: >>set fw-1-mailinglist nomail >>================================================>To unsubscribe from >>this mailing list, please see the instructions at >>http://www.checkpoint.com/services/mailing.html >>================================================>If you have any >>questions on how to change your subscription options, email >>[EMAIL PROTECTED] >>===============================================_________________________________________________________________> >> High-speed users�be more efficient online with the new MSN Premium > Internet Software. > http://join.msn.com/?pgmarket=en-us&page=byoa/prem&ST=1 > > ================================================To set vacation, > Out-Of-Office, or away messages, send an email to > [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================To unsubscribe from > this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================If you have any > questions on how to change your subscription options, email > [EMAIL PROTECTED] > ================================================ ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
