Contributor

Question

FTP not working when antivirus enabled

Forum|Forum|21 years ago
November 5, 2004
4 replies
8845 views

Hello all. I have a FGT-60 (2.8 MR5). When I enable a protection profile with antivirus scan for ftp, whenever I try to download a file, the connection is closed after a while. If I take out the protection profile, it works just fine. Any hints will be more than appreciated.

GTNman

New Member

I have experienced this as well. The problem seems to lie with the anti-virus scanning that is built into the unit. It downloads the full file to RAM to scan for virus' s before it sends the file to the client. Hence the ftp session times out because it does not see any activity from the client. I usually disable the anti-virus in the profile if I know I am going to be doing any large ftp xferring.

A

Anonymous_UserAuthor

Contributor

Can' t believe there' s no solution to this. I mean, it' s something quite normal to download a large file! It' s just not possible for me to spend time disabling antivirus every time one of my users wants to download something.

A

Anonymous_UserAuthor

Contributor

I have the smae problem, I am at a law firm and they FTP PDF documents all over the place. When I have VS on it all stops, turn VS off its all better. I just installed 2.8 MR5 250 in a effort to resolve this issue and others.

A

Anonymous_UserAuthor

Contributor

Could it be the FTP client in use. I think (not sure) I had the same problem when command ftp was used from a remote client ot my FTP server (which was 3com ftp server). I am not sure how but I think this problem is server client specific. Do try a software like filezilla (freeware gui FTP client) and inform us if the problem is still there. Ineed to investigate more as I will have to deal with it sooner or later.

A

Anonymous_UserAuthor

Contributor

Nope, it' s not related to the client. I tried via command line, IE6 and filezilla as you suggested. All of them failed...

A

Anonymous_UserAuthor

Contributor

Hello: Read in the CLI Reference Guide, the splice option... ftp {block buffer_to_disk content_log oversize quarantine scan splice} Enter splice to enable the FortiGate unit to simultaneously buffer a file for scanning and upload the file to an FTP server. If a virus is detected, the FortiGate unit stops the upload and attempts to delete the partially uploaded file from the FTP server. To delete the file successfully, the server permissions must be set to allow deletes. When downloading files from an FTP server the FortiGate unit sends 1 byte every 30 seconds to prevent the client from timing out during scanning and download. If a virus is detected, the FortiGate unit stops the download. The user must then delete the partially downloaded, bla bla bla...

A

Anonymous_UserAuthor

Contributor

[Deleted by Admins]

miblo_FTNT

Staff

I can only confirm the same symptom on a FGT 300 in transparent mode with v2.80 MR5. MS FTP server on DMZ, clients on various (slow) connections. Download of large files terminate after about 35 MB (of 60 MB in this case). The server reports the file as successfully downloaded, but the client times out and only receives a part of the file. Turning off AV-scan on FTP is the (only) workaround so far. ~Mike

A

Anonymous_UserAuthor

Contributor

[Deleted by Admins]

A

Anonymous_UserAuthor

Contributor

We just opened a ticket for this same problem. FGT400 with 2.80MR6 running in transparent mode. Oversize Threshold set to 25mb and still cannot FTP an outbound file that is large (5-10mb). The only workaround is to turn off virus scan for FTP and then turn back on once the xfer is complete. Sounds like there' s a major bug that needs fixing. We were on build 2.50 and had NO problems with this. So much for upgrading...

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded