SFTP privatekey file blocked by IPS since upgrade to 6.0

Forum|Forum|7 years ago
July 11, 2018
1 reply
7759 views

Hi,

I use a FortiGate 50E in our company and have IPS enabled. After the upgrade to 6.0, a script that uploads data via SFTP (WinSCP commandline) doesn't work anymore. The connection requires a private-keyfile (*.ppk), which is somehow blocked IPS. The keyfile doesn't reach the server for authentification.

I now deactivated IPS but that's not the solution I have in mind. Any ideas what I could do?

6.0

neonbit

New Member

You could add the IP address as an exception to the IPS policy. Firstly find the IPS signature that is causing this issue (should be easy to find in the IPS logs), then edit your IPS profile and add that signature as an exception, then add the IP address of the sending server as an IP exception.

icdataAuthor

New Member

Thanks. This was also in my mind. However, I am not able to identify the signature: My IPS log is completely empty. Either I missed a setting to turn on the log (I set the filter to "monitor" and enabled packet logging, but the log's still completely empty) or it's in fact not an IPS "hit" but the filter somehoew breaks the transmission of the key file... Any thoughts?

icdataAuthor

New Member

Bump - Any suggestions?

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded