[j-nsp] Passive FTP problems
Luca Salvatore
Luca at ninefold.com
Wed Mar 6 04:23:28 EST 2013
Yes I have had issues with numerous ALGs. It has just stopped working out of the blue which is very weirder.
Unfortunately it's not feasible to upgrade the firewall just yet as it is a very busy firewall with 24/7 connectivity requirements.
Sent from my iPad
On 06/03/2013, at 7:15 PM, "Mark Menzies" <mark at deimark.net<mailto:mark at deimark.net>> wrote:
I dont know what was in the article sadly but your issue sounds like an ALG issue, even if its not showing as such.
In the past most vendor implementations of ALGs can be a bit hit and miss and I know that on SRX, the SIP and FTP ALGs in particular have had some issues.
I would suggest upgrading to 11.4 or 12.1X if you can as I do know that juniper do try and fix the ALG issues quite quickly and later releases should be better.
On 6 March 2013 08:02, Luca Salvatore <Luca at ninefold.com<mailto:Luca at ninefold.com>> wrote:
I have some issues with passive FTP on a SRX running Junos 10.4r6
I was interested, in this KB http://kb.juniper.net/InfoCenter/index?page=content&id=KB8193
But it says the article is it in review and can't be viewed. Just wondering if anyone knows any info about what is in the KB.
My issue basically is that passive FTP doesn't work correctly. It can connect but can't list directories or transfer files. FTP ALG is on and I can't see any dropped packets.
Active FTP works OK...
Anyway was really interesting in the KB above as it mentions some clients don't trigger the FTP ALG.
Thanks
Luca.
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net<mailto:juniper-nsp at puck.nether.net>
https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list