Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
scottwheldon
New Contributor

Issue with FTP

Hi,

I need some help with getting FTP access going please.

I have a FG60 series and a QNAP on the LAN that I want to have access going for FTP access.

I have a standard VIP setup and a Policy in place

FTP service inside the LAN works totally fine.

I have other port forwards setup fine as well, such as RDP, PPTP etc...

 

I am getting the following error message from FileZilla: Server sent passive reply with unroutable address. Using server address instead.

 

I just can;t see where/how/why its not working, going crazy.

 

EDIT on this - I am trying to do FTP over TLS, not pure unencrypted  FTP - sorry for any confusion.

 

Thankyou so much, Scott

 

3 REPLIES 3
emnoc
Esteemed Contributor III

Is it a one-4-one NAT? What happening if you run pasv in debug, the server is giving an address that's not  recognizable by the  ftp-client  and probably is the internal address.

 

Do a debug  on the client compute the given address.? Fix up  the    ftp session between server and client

 

 

http://help.fortinet.com/...n%20helper%20(ftp).htm

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
ede_pfau
Esteemed Contributor III

One published 'solution' is to disable the FTP session helper.


Ede

"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
scottwheldon
New Contributor

Hi,

 

update on this, I have fixed it.

 

I had to change the settings in Security Profiles -> SSl Inspection to FULL SSL Inspection and then select FTPS as per the attached image.

 

Scott

Labels
Top Kudoed Authors