Community

General discussion

Gravatar
0 Votes
Locked

Cannot access FTP pages on web using wireless/Router/ADSL modem

By campbelltaylor ·
I have a wireless home network that uses a Westell 2410 router/ADSL modem/Wireless access point. With the recommend Firewall Configuration I can not access FTP pages on the web via my IE browser on my WIndows XP Home edition laptop.
For example ftp://ftp.isi.edu/in-notes/rfc1579.txt

When I try to access the page the screen is blank for at least 1 - 2 minutes then displays a standard Microsoft "Cannot find Server" errror message.

However if I go to minimum preset setting for Firewall I can access this page. Therefore the issue must be with the firewall setting on the Router.

The settings for the low setting on the firewall (that allows FTP web site access) are:
===================================
title [ Security Level 1 IN rules ]

begin
Rules
pass all
AddresDrop
drop from addr 0.0.0.0 >> done, alert 4 [ 0.0.0.0 Source IP Address]
pass protocol udp, to port 53 >> done
pass protocol udp, from port 53 >> done
drop protocol icmp >> alert 4 [ICMP Message To WAN IP]
end
===========================================

The settings for the recommended setting on the firewall (That blocks FTP web site access) are:
============================================
title [ Security Level 2 IN rules ]

begin

TTLDrop
drop match 3 8 { 01:FE } >> alert 4 [TTL of 0 or 1]

AddresDrop
drop from addr 0.0.0.0 >> done, alert 4 [ 0.0.0.0 Source IP Address]
pass protocol udp, to port 53 >> done
pass protocol udp, from port 53 >> done
pass icmp-type reply >> done
pass icmp-type unreachable >> done
pass icmp-type exceeded >> done
drop protocol icmp >> done, alert 4 [ Invalid ICMP Type ]

Rules
pass all
end
=========================
I want to block all ports apart from ones I use so your help will ensure I customise this firewall correctly without limiting my use of the Internet.

Thanks in advance for your help.

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

gravatar
Collapse -

Try

by GuruOfDos In reply to Cannot access FTP pages o ...

Adding the following line

pass protocol ftp, to port 110 >> done

gravatar
Collapse -

And why not

by GuruOfDos In reply to Cannot access FTP pages o ...

Try posting this question in Q&A instead of the forums. You'll get more replies AND if you award some tech points, FASTER REPLIES!!!

gravatar
Collapse -

Thanks - Learnt my lesson

by campbelltaylor In reply to And why not

Yeah sorry I was new at the whole discussions versus Tech Q & A and didn't put it in the proper section. Thanks for your response though.

In the end I found that my inbound rules were blocking what the outbound had intiated and resolved it via the interface. Probably the same as what you had suggested but just via a gui rather than manual amendment of file.

Cheers again for you suggestions though

Back to Community Forum

Start or search

Related Discussions

Related Forums