1. Go to: Objects > Services > Add > TCP/UDP Service
2. Now enter:
   • Name: ftp-outbound-service
   • Type: select TCP from the dropdown list
   • Destination: 21 (the port the ftp server resides on)
   • ALG: ftp-outbound
3. Click OK
C. Create IP Rules:
IP rules need to be created to allow the FTP traffic to pass. These rules differ depending on
whether private or public IPv4 addresses are being used.
i. Using Public IPs:
If using public IPs, make sure that no rule allowing or disallowing the same kind of
ports/traffic is placed before this rule.
1. Go to: Policies > Firewalling > Main IP Rules > Add > IP Rule
2. Now enter:
   • Name: Allow-ftp-outbound
   • Action: Allow
   • Service: ftp-outbound-service
3. For Address Filter enter:
   • Source Interface: lan
   • Destination Interface: wan
   • Source Network: lannet
   • Destination Network: all-nets
4. Click OK
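The ordering caveat for the public-IP rule can be checked mechanically. The following is an added example, not part of the original manual: it models IP rules in a simplified form and lists any rule placed before Allow-ftp-outbound whose filter overlaps it. The Rule class, the address values and all rule names other than Allow-ftp-outbound are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Constructed address book: the manual names lannet and all-nets but this
# section gives no values for lannet; dmznet is hypothetical.
ADDRESS_BOOK = {"lannet": "192.168.1.0/24", "all-nets": "0.0.0.0/0",
                "dmznet": "10.0.0.0/24"}

@dataclass(frozen=True)
class Rule:              # simplified, hypothetical model of an IP rule
    name: str
    action: str
    src_if: str
    dst_if: str
    src_net: str
    dst_net: str
    proto: str           # "TCP", "UDP" or "ALL"
    ports: tuple         # inclusive (low, high) destination port range

def _net(name):
    return ipaddress.ip_network(ADDRESS_BOOK[name])

def overlaps(a, b):
    """True if some packet could match the filters of both rules."""
    same_if = lambda x, y: "any" in (x, y) or x == y
    return (same_if(a.src_if, b.src_if) and same_if(a.dst_if, b.dst_if)
            and _net(a.src_net).overlaps(_net(b.src_net))
            and _net(a.dst_net).overlaps(_net(b.dst_net))
            and ("ALL" in (a.proto, b.proto) or a.proto == b.proto)
            and a.ports[0] <= b.ports[1] and b.ports[0] <= a.ports[1])

def earlier_conflicts(rules, target_name):
    """Names of rules placed before target_name that match overlapping traffic."""
    idx = next(i for i, r in enumerate(rules) if r.name == target_name)
    return [r.name for r in rules[:idx] if overlaps(r, rules[idx])]

# Constructed rule set in evaluation order; only the last rule is from the manual.
RULES = [
    Rule("Allow-dns", "Allow", "lan", "wan", "lannet", "all-nets", "UDP", (53, 53)),
    Rule("Drop-low-ports", "Drop", "lan", "any", "lannet", "all-nets", "TCP", (1, 1023)),
    Rule("Allow-dmz-web", "Allow", "dmz", "wan", "dmznet", "all-nets", "TCP", (80, 80)),
    Rule("Allow-ftp-outbound", "Allow", "lan", "wan", "lannet", "all-nets", "TCP", (21, 21)),
]

if __name__ == "__main__":
    print(earlier_conflicts(RULES, "Allow-ftp-outbound"))
```

Only the control connection on port 21 is modeled here; the data channels opened by the FTP ALG are not part of the check.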
ii. Using Private IPs:
If the firewall is using private IPs with a single external public IP, the following NAT rule needs to
be added instead of the rule above:
1. Go to: Policies > Firewalling > Main IP Rules > Add > IP Rule
2. Now enter:
   • Name: NAT-ftp-outbound
   • Action: NAT
   • Service: ftp-outbound-service
Chapter 6: Security Mechanisms