- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Trying to get FTP client to connect to outside FTP server
Why is this so hard? I have a 60e 6.4.8
FileZilla keeps coming back with Port command tainted by router or firewall.
Machine is in a firewall rule that allows ALL.
Deep packet inspection on all ports. Also tried it with no packet inspection and no security profiles at all, just for giggles.
I was reading online about a service FTPoverTLS. I don't even have that service. But again, ALL is allowed.
I'd hate to open a ticket on this, it seems like it should be easy enough.
Any help would be appreciated.
Solved! Go to Solution.
- Labels:
-
FortiGate
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Well I found an idea on my own which seems to have solved my problem. The solution was to disable (or delete) the FTP session helper. Once that's gone, the client works just like it's supposed to.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You probably know that FTP uses two ports, one for the control session and one for the data.
Traditionally, ports 20 and 21; and for this, the FG has a session helper - make sure it still exists (show system session-helper).
FTP over TLS uses other ports (not fixed), and is not a setting in Fortigate, but on the FTP client. The service you see in this article is custom-made
First make sure what kind of FTP session is used by your FTP client/server apps.
Deep packet inspection is needed for FTP over TLS. But if you tested without it, did you also check with policy in flow-mode?
- Toss a 'Like' to your fixxer, oh Valley of Plenty! and chose the solution, too00oo -
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The FTP session helper seems to be what was causing my problem. I removed it and now it's working.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Well I found an idea on my own which seems to have solved my problem. The solution was to disable (or delete) the FTP session helper. Once that's gone, the client works just like it's supposed to.
