General discussion

Locked

W2k, FTP Server and Virtual IP's

By JonDixon@Home ·
My office has a Checkpoint-1 firewalls NT with 4.0 version,
and a W2K Server with multi-hosting(virtual IPs) service.

If I start ftp function to access the NT server through FW-1, no matter from
local pc or FW-1 itself, there are some conditions ,

1. if ftp the NT's real ip, the connection is OK.

2. when you ftp anyone NT's virtual ips, the action is hung,
appear " 425 Can't open data connection" error message.

3. when ftp the NT server not through FW-1, from aninternet user
it also works OK,no matter what real ip or virtual ip is used.

4. if NT server is moved to DMZ, the ftp action from internet user
is the same as the above 2. point.

PS. If FW-1's security policy rule is set to "any any any accecpt long GW ...",
ftp NT server is no problem, no matter what real ip or virtual ips,
when any security rule is set, the situation is the same above descriptions.

Can you help???

This conversation is currently closed to new comments.

2 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Add other IP's to fwl

by LordInfidel In reply to W2k, FTP Server and Virtu ...

Did you add the other IP's to the FTP rule?

I would first create all of my IP's for that machine as workstations/resources.
(each IP ='s a seperate resource)

I would then create a group called FTP and add those resources to it.

then Add the group to your FTP rule.

Collapse -

Maybe check your firewall setting

by tanjunjun In reply to Add other IP's to fwl

Maybe you can check your firewall setting to see whether you have permitted access to your virtual IP address and associated ftp service?

Back to Security Forum
2 total posts (Page 1 of 1)  

Related Discussions

Related Forums