We recently installed an 80F and we are now having issues with our ERP being able to connect to FTP sites of our vendors to upload order data. Previously on our old network based firewall, we didn't have these issues. It appears that an active session is being created with the FTP site. I can connect to the FTP site from our ERP manually but once I'm connected and I try to run any commands, I receive a 500 illegal port message and then a 425 use PORT or PASV first message. If I enter pass then it shows passive mode as being on and I can execute commands successfully. The problem is that once this connection is ended and we try again, we are back to the same issues. Our vendor who is responsible for this firewall is running into a wall on what to do so I'm hoping someone may have some ideas on what we need to do to resolve this. This ERP server has a public IP so traffic from the internet to it comes directly to the firewall. When traffic is going out from it, it goes from the firewall to our velocloud router then to the internet.
Solved! Go to Solution.
So we had taken out the session helper for FTP a couple days ago to test and that didn't make any difference. While working with someone from Fortinet yesterday, they had us add the session helper back in and somehow that caused things to start working again. Nothing was changed for session helper. We copied and pasted the data we removed the previous day but somehow when it was added back in, that fixed things for us and now we are good. Thanks for the offer to help!
I could take a look for you if you'd like to do a screen share. If not I would run diag debug on the unit to see what is actually happening between source/destination ips. You can also look at forward traffic too.
It will look like this.
Any update on this?
So we had taken out the session helper for FTP a couple days ago to test and that didn't make any difference. While working with someone from Fortinet yesterday, they had us add the session helper back in and somehow that caused things to start working again. Nothing was changed for session helper. We copied and pasted the data we removed the previous day but somehow when it was added back in, that fixed things for us and now we are good. Thanks for the offer to help!
Glad to hear it!! Have a great weekend!
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.