| Description |
This article describes how to handle an error which may appear on the FTP client when using an explicit FTP proxy in FortiOS or FortiProxy, the following error may be present on the FTP client:
|
| Scope | FortiProxy, FortiOS. |
| Solution |
In some scenarios, a user observes error 421 in the FTP client when using FortiProxy: The user may also notice that the proxy connection is fully working when plain FTP is enforced (for example, in the FileZilla option to Use only plain FTP:(
In this scenario, the following steps are applicable. Otherwise, follow the existing FortiProxy documentation to configure a FortiProxy explicit FTP proxy.
Once plain FTP has been confirmed to be working, the following steps need to be taken to resolve the error:
config ftp-proxy explicit set ssl enable end
Follow the instructions in the Create or edit a Policy documentation to create a corresponding explicit proxy policy. It is critical to select an SSL inspection profile with deep inspection enabled: otherwise, FortiProxy will fail. FortiProxy relies on the certificate used in deep inspection to establish an SSL connection between client and proxy server. Deep inspection is required whenever the client is using implicit or explicit TLS. |
