Solution: FTP to specific servers fails (10043.0.7772541.2711982)
Edit the $FWDIR/lib/base.def file to allow FTP headers without "\r\n":
1. Stop FireWall-1 (fwstop)
2. Edit the /$FWDIR/lib/base.def
3. Mark out the following line:
#define FTP_ENFORCE_NL
to:
//#define FTP_ENFORCE_NL
4. Start FireWall-1 (fwstart)
5. Re-install the policy
Note for Solutions to other problems arising from an upgrade to FireWall-1 4.0 SP6, see FTP to some servers fails
Problem Description
FTP to specific servers fails
See the problem environment.
See the cause.
See changes that affect this problem.
Comment on this Solution
Copyright �1996-2000 Primus Knowledge Solutions, Inc. All Rights Reserved.
Solution Content Copyright �2000 Check Point Software Technologies Inc. All Rights Reserved.
-----Original Message-----
From: Mike Hoffos [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 12, 2000 10:46 AM
To: [EMAIL PROTECTED]
Subject: [FW1] Bizarre ftp problems
I am having an urgent problem, and need any advice I can get.
The firewall is 4.1SP2 on Solaris 7.
Clients behind the firewall cannot successfully ftp out to anywhere,
pasv mode or not. All that is returned by any server I try is 421
Service not available (after they successfully login).
Even more strange (to me, but perhaps they are related) is that ftp's
into allowed servers behind the firewall give external clients the exact
behaviour. Machines in front of the firewall can successfully ftp out
(but not to NATd machines behind the firewall, then they get the 421
error as mentioned above).
As anyone seen this before? Is there a resolution?
Thanks,
Mike Hoffos
Technical Architect
Infocast Corporation
