A custom ftp service will need to be used with an advanced setting of type FTP_BASIC. This does not enforce the FTP-newline enforcement.
-- Ted Serreyn Phone: 262-432-0260 Fax: 262-432-0232 Serreyn Network Services, LLC http://www.serreyn.com/ -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Sean Donaghey Sent: Thursday, July 05, 2007 8:29 AM To: [email protected] Subject: Re: [FW-1] FTPS using R55 I am not trying to connect to splat with FTPS, I am trying to do outbound FTPS to an internet site, from a computer behind my firewall. It seems that the firewall is blocking certain things about the FTPS. I have gone through SmartDefense and turned off everything that has to do with FTP, but it has not fixed it. Thanks, Sean Sergio Alvarez <[EMAIL PROTECTED]> Sent by: Mailing list for discussion of Firewall-1 <[email protected]> 07/04/2007 05:00 PM Please respond to Mailing list for discussion of Firewall-1 <[email protected]> To [email protected] cc Subject Re: [FW-1] FTPS using R55 I believe I know what you need. When you first log into SPLAT, you are only getting to the cpshell, which allows you to run just check point commands, in order to fully have access to the platform, you need to go to expert mode, but as far as I know there is no way to go straight to expert from the beginning on a standard SPLAT installation. So I believe it was on this discussion list, that somebody posted a way around it. In SPLAT go to expert mode, then cd to /etc and vi the passwd file, the last line of the contents will show "cpshell", replace that with "bash" (without the quotations off course) and save the changes. Logout with the exit command twice (once for expert, once for cpshell) and login again, this time you should get straight to expert mode and that should do it for what you need. Now, you must take in count that doing this you are opening a big security hole in your SPLAT machine, so I would only recommend doing this on a SmartCenter machine well guarded on your LAN or in firewall modules in a safe environment. I have used this for accessing SPLAT machines using WinSCP, which allows to easily get files in or out of SPLAT boxes. Hope this helps. Regards On 7/4/07, Sean Donaghey <[EMAIL PROTECTED]> wrote: > > Hi, > > Has anyone successfully used FTPS with R55? We have some bank software > that requires outbound FTPS access, and the connection attempt fails > everytime. In the logs, there is an error: Port command ended without a > new line > > I found a KB article (sk26049) about this error, but after trying out > Check Points recommendation, it still does not work. > > I am running R55 HFA_15 on the enforcement point. > > Does anyone have an idea on how to get this working, or if it is even > supported on R55? > > Thanks, > _______________________________________ > Sean P. Donaghey > Information Services - Sr. Technical Analyst > Hôtel-Dieu Grace Hospital > 1030 Ouellette Avenue > Windsor, Ontario N9A 1E1 > Canada > Tel:(519) 973-4411 Ext. 3717 > Fax:(519) 255-2206 > Email: [EMAIL PROTECTED] > > > > The information contained in this e-mail message is confidential and > protected by law. The information is intended only for the person or > organization addressed in this e-mail. If you share or copy the > information you may be breaking the law. If you have received this e-mail > by mistake, please notify the sender of the e-mail by the telephone number > listed on this e-mail. Please destroy the original; do not e-mail back > the information or keep the original. > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > -- Sergio Alvarez (506)8301342 ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= The information contained in this e-mail message is confidential and protected by law. The information is intended only for the person or organization addressed in this e-mail. If you share or copy the information you may be breaking the law. If you have received this e-mail by mistake, please notify the sender of the e-mail by the telephone number listed on this e-mail. Please destroy the original; do not e-mail back the information or keep the original. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
