Zywall 310 allow only one IP public FTP port

steve15f · June 28, 2019 2:48PM

Hi dear,

i wanted to know if it's possible to open the FTP port (21) for only one external IP ?

thanks

PeterUK · June 28, 2019 6:24PM

Why yes just setup the firewall to allow one source IP when you setup a address object for host of the IP.

steve15f · June 28, 2019 9:34PM

Hi,

thanks for your reply

i'm trying to allow FTP from external users but it's not working, can you help me ?

you can see attach the policy control and NTP rule ...

FTP TCP port 21

i've an error on the connection :

Statut : Connexion à x.x.x.x:21...

Statut : Connexion établie, attente du message d'accueil...

Statut : Serveur non sécurisé, celui-ci ne supporte pas FTP sur TLS.

Commande : USER FTP-User

Réponse : 331 Password required for User

Commande : PASS ********************

Réponse : 530 Login incorrect.

Erreur : Erreur critique : Impossible d'établir une connexion au serveur

For information ,with the Same rule (but with port 22) it's working in SFTP (SSH FTP)

it's a FTP on a synology

ty

PeterUK · June 28, 2019 10:09PM

Do you have ALG for FTP enabled with FTP transformations?

Your FTP logs show Login incorrect so traffic is getting to the FTP server.

steve15f · July 2, 2019 4:21PM

Hi PeterUK

thanks for your reply but i'm sorry i don't know about ALG, what is it and where can i show this ? thanks

PeterUK · July 2, 2019 8:24PM

Its in the Zywall 310

Network > ALG

it allow the FTP traffic to work for other ports the FTP needs.

It might not help as your getting Login incorrect so check your user name and password.

All Replies