Hot!Fortigate 100D blocking SFTP to remote server

Author
Ballzack
New Member
  • Total Posts : 3
  • Scores: 0
  • Reward points: 0
  • Joined: 2017/08/30 03:06:48
  • Status: offline
2017/09/11 23:57:38 (permalink)
0

Fortigate 100D blocking SFTP to remote server

Good day
 
I have the following issue:
 
The Fortigate is causing the Filezilla SFTP connection to fail to the public ip 105.28.100.177 over port 990.
The connection needs to be established from an internal server.
The last 2 log entries on Filezilla reads:
 
Status: Connection established, initializing TLS...
Error:   Could not connect to server.
 
I have created a policy for the internal server, allowing access to all destinations, all ports, and removed all security profiles.
The logs shows that traffic is being allowed through.
 
I get the same result when testing from a desktop on the network.
 
I can connect to the site successfully when testing from outside of the network or over 3G.
 
Not sure where to go from here.
Any assistance will be greatly appreciated.
 
Thanks.
 
 
 
#1

3 Replies Related Threads

    ede_pfau
    Expert Member
    • Total Posts : 5220
    • Scores: 326
    • Reward points: 0
    • Joined: 2004/03/09 01:20:18
    • Location: Heidelberg, Germany
    • Status: offline
    Re: Fortigate 100D blocking SFTP to remote server 2017/09/12 01:08:48 (permalink)
    0
    hi,
     
    and welcome to the forums.
     
    Just a speculation but if you are using FOS v5.4.x or up, open the CLI and
    - config sys global
    set strong dis
    end
     
    and try again. If I'm right I will explain it.

    Ede

    " Kernel panic: Aiee, killing interrupt handler!"
    #2
    Ballzack
    New Member
    • Total Posts : 3
    • Scores: 0
    • Reward points: 0
    • Joined: 2017/08/30 03:06:48
    • Status: offline
    Re: Fortigate 100D blocking SFTP to remote server 2017/09/12 02:15:12 (permalink)
    0
    Thanks.
     
    Unfortunately no luck after running the command.
    #3
    Ballzack
    New Member
    • Total Posts : 3
    • Scores: 0
    • Reward points: 0
    • Joined: 2017/08/30 03:06:48
    • Status: offline
    Re: Fortigate 100D blocking SFTP to remote server 2017/09/12 05:55:09 (permalink)
    0
    I am not an expert but do you think this might be an issue with the Fortigate's session-helper?
    #4
    Jump to:
    © 2017 APG vNext Commercial Version 5.5