Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Blue_Crescentmoon
New Contributor

Protocol Profile Options

Hi All,

I am looking for a more complete breakdown of this feature. Specifically when it comes down to configuring with FTP. The following I have configured in the profile:

- Port (i.e. 80,88, 0-auto): 21
- Comfort Clients: Checked
- Interval (1-900 seconds): 10
- Amount (1-10240 bytes): 1
- Oversized File/Email: Pass
- Threshold (1-50 MB): 10
- Monitor Content Information for Dashboard: Checked

Then I use a UTM AntiVirus profile that enables scanning of FTP sessions/file transferring. Yet, when the scanning of FTP is enabled, and a file downloading is more than 10 MB, then the downloading will keep failing and retrying until the retry interval is exceeded and it will completely fail. Even though I elect to pass in the protocol options.

What I am first looking for is some kind of explanation/documentation that digs deeper into the options within the PPO (i.e. comfort clients settings, etc.). The second thing I am looking for is why this configuration is not working when I elect to scan FTP.

Any help would be appreciated :-)

Blue
1 REPLY
Blue_Crescentmoon
New Contributor

Dear all,

I believe I found out what the root problem is. In Protocol Profile Options, you can configure client comfort options. I have specifically client comfort for https and ftp sessions configured. Under client comfort, you have specific configurations relating to interval and size. These configurations are in default state.

    set comfort-interval <value>    number of seconds to wait (minimum: 1; maximum: 900)
    set comfort-amount <value>      number of bytes to send (minimum: 1; maximum: 10240)

This might mean that when an ftp session begins and transfers, that the CC goes too fast as it is set at default. I think what could then happen is that the cache and/or buffer corrupts and causes this setting to drop ftp sessions after the file size threshold has been met. I cannot confirm this yet, so please don't quote me on it yet.

The reason for my theory is because I just set the original settings I had with client comfort, ftp av scanning and now the entire thing works. I even get, from a debugging of ftp sessions, the splicing messages that come with client comfort.

Any ideas and/or thoughts are welcome!

Thanks
Blue