FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Article Id 197128

This article expands upon authentication against an FTP proxy configured in FortiGate, as outlined here:

Related link.

When using FileZilla or a similar FTP client to connect to an FTP server, a FortiGate can be used as FTP proxy in between, and can also require authentication depending on configuration.
In general, authentication via FTP proxy follows this format:

1) User establishes a connection to the FTP proxy.
The explicit FTP proxy responds with a welcome message and requests the user’s FTP proxy user name and password and a username and address of the FTP server to connect to:

Connected to
220 Welcome to Fortigate FTP proxy
Name (

This message can be modified via the 'FTP Explicit Banner Message' replacement message.

2) At the prompt the user enters their FTP proxy username and password and a username and address for the FTP server.
The FTP server address can be a domain name or numeric IP address.
This information is entered using the following syntax:


For example, if the proxy username and password are p-name and p-pass and a valid username for the FTP server is s-name and the server’s IP address is the syntax is:

For FileZilla in particular, there are several pre-formatted options available (like 'USER %user@%host' for example).
This syntax needs to be used in FileZilla for a successful connection:

USER %s:%w:%u@%h