Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
martyyy
New Contributor III

FTP ALG

FOS 7.4.3

I have a client trying to use passive mode for FTP. This mode uses many ports, not just port 20/21.
Is there a Service on the Fortinet that allows FTP ALG? Currently we have this open to any ports

 

TIA :) 

3 REPLIES 3
ozkanaltas
Valued Contributor III

Hello @martyyy ,

 

If I understand correctly, you want to use FTP helper for different TCP ports instead of 20/21. 

 

If you say yes, you can follow this document for your request. 

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-access-FTP-server-externally-on-dif...

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
abelio
SuperUser
SuperUser

Hello martyyy

As under passive mode, ftp server just listen passively, you only need configure your server FTP properly in order to work in passive mode.  (*)
Your \FTP client configured in passive mode, client starts all connections, server passively listen 
Under FGT you have the usual vip config on port 20/21 


obs:

- we' re NOT talking here about FTP over TLS or another scenario.

- (*) for example, if you use a widely ftp server as VSFTPD, these 3 lines in server confg will take care of passive traffic for data transfer after fork

pasv_enable=Yes
pasv_max_port=40000
pasv_min_port=50000

 

 

 

 

 

regards




/ Abel

regards / Abel
muketsu
New Contributor

Actually there is a reason behind no option provided for disabling ALG for FTP protocol. In perspective of AppID, FTP cannot work without ALG for both active & passive modes.

https://vlc.onl/
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors