Re: Problems with Kerio fireall and FTP software.

From: David (davidwnh_at_adelphia.net)
Date: 09/16/03

• Next message: Alastair Smeaton: "Re: Kerio PF vs Sygate PF"
• Previous message: ozzy: "Re: Limiting access to US users only"
• In reply to: sponge: "Problems with Kerio fireall and FTP software."
• Next in thread: OM: "Re: Problems with Kerio fireall and FTP software."
• Reply: OM: "Re: Problems with Kerio fireall and FTP software."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Tue, 16 Sep 2003 06:02:14 GMT

When you say FTP program are you talking about an FTP "client" application?
Assuming this is the case. PASV is more friendly for a firewalled FTP client
so force the use of PASV where possible.
In PASV mode the client application initiates all connections.
Don't open holes in your firewall for port mode ftp unless you have to deal
with ftp servers that don't allow PASV mode.
So try to do what you need to do by forcing the ftp client into PASV mode
before screwing with your firewall.
The control data coming back from the server and displayed in your client
will usually tell you if the server supports PASV or not.
If you do encounter ftp servers that don't allow PASV mode then you have to
set up your firewall so that it will accept data connections from the ftp
server. I will let someone else address that issue since I don't use kerio
and the way to configure things for the tightest setup varies a little from
one desktop firewall to the other.
>
> >I've got Kerio personal firewall installed on my PC.
> >Everything works fine - except that EVERY FTP program I try to run
> doesn't
> >work.
> >
> >Can anyone suggest something that will solve my prob.
> >
> >Thanks.
> >
> >OM

---

• Next message: Alastair Smeaton: "Re: Kerio PF vs Sygate PF"
• Previous message: ozzy: "Re: Limiting access to US users only"
• In reply to: sponge: "Problems with Kerio fireall and FTP software."
• Next in thread: OM: "Re: Problems with Kerio fireall and FTP software."
• Reply: OM: "Re: Problems with Kerio fireall and FTP software."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: ipfw or ipf w/stateful behavior ... these make the firewall secure enaugh. ... > hosting a FTP server at your site? ... Securing things for an FTP client ... (FreeBSD-Security) Re: Is this a 3-Leg Perimeter scenario? ... the same configuration as I had it originally before upgrading to ISA 2004 ... No PersisentRoute enrty on the clients; no firewall client disabling; no IE ... using IE to access the FTP. ... (microsoft.public.windows.server.sbs) Re: Bug with W2K3, SP1, Windows Firewall and FTP ... FTP service is listed, it should be bi-directional. ... I'm confuse as well:) between the advanced tab and exception tab. ... I decided to try adding a port 21 in the firewall exception list ... when I entered a "dir" command at the client FTP prompt, ... (microsoft.public.inetserver.iis.ftp) Re: Windows XP and FTP ... I believe that you will need to add an exception for the particular application that you intend to use to ensure that the client will be able to connect using that application. ... Thank you for your suggestion - I have tried this, and unfortunately opening ports 20 & 21 on the firewall as an exception does not seem to make a difference, even after a restart of both the connection and the client machine itself. ... Subject: Windows XP and FTP ... (Security-Basics) Re: XP SP2 and ftp PUT and GET to AS/400 not working ... > I can connect and logon with ftp client but commands GET and PUT does not ... > (I use client that came with Windows) ... > on firewall and even disable firewaal but only thing i could is to connect ... (microsoft.public.windowsxp.general)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(14)