Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Not applicable

FTP not working when antivirus enabled

Hello all. I have a FGT-60 (2.8 MR5). When I enable a protection profile with antivirus scan for ftp, whenever I try to download a file, the connection is closed after a while. If I take out the protection profile, it works just fine. Any hints will be more than appreciated.
16 REPLIES 16
GTNman
New Contributor

I have experienced this as well. The problem seems to lie with the anti-virus scanning that is built into the unit. It downloads the full file to RAM to scan for virus' s before it sends the file to the client. Hence the ftp session times out because it does not see any activity from the client. I usually disable the anti-virus in the profile if I know I am going to be doing any large ftp xferring.
Not applicable

Can' t believe there' s no solution to this. I mean, it' s something quite normal to download a large file! It' s just not possible for me to spend time disabling antivirus every time one of my users wants to download something.
Not applicable

I have the smae problem, I am at a law firm and they FTP PDF documents all over the place. When I have VS on it all stops, turn VS off its all better. I just installed 2.8 MR5 250 in a effort to resolve this issue and others.
Not applicable

Did MR5 250 solve this? I still find it' s ridiculous to embed an antivirus that doesn' t work in the firewall...It makes no sense...
Not applicable

Could it be the FTP client in use. I think (not sure) I had the same problem when command ftp was used from a remote client ot my FTP server (which was 3com ftp server). I am not sure how but I think this problem is server client specific. Do try a software like filezilla (freeware gui FTP client) and inform us if the problem is still there. Ineed to investigate more as I will have to deal with it sooner or later.
Not applicable

Nope, it' s not related to the client. I tried via command line, IE6 and filezilla as you suggested. All of them failed...
Not applicable

Hello: Read in the CLI Reference Guide, the splice option... ftp {block buffer_to_disk content_log oversize quarantine scan splice} Enter splice to enable the FortiGate unit to simultaneously buffer a file for scanning and upload the file to an FTP server. If a virus is detected, the FortiGate unit stops the upload and attempts to delete the partially uploaded file from the FTP server. To delete the file successfully, the server permissions must be set to allow deletes. When downloading files from an FTP server the FortiGate unit sends 1 byte every 30 seconds to prevent the client from timing out during scanning and download. If a virus is detected, the FortiGate unit stops the download. The user must then delete the partially downloaded, bla bla bla...
Not applicable

[Deleted by Admins]
Not applicable

Already tried that. No success.
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors