[prev in list] [next in list] [prev in thread] [next in thread] 

List:       firewalls-gc
Subject:    Re: FTP to NT Server behind FW-1
From:       "Darwin L. Martinez" <darwin_martinez () INS ! COM>
Date:       1997-01-30 13:17:12
[Download RAW message or body]

Use FWXT_SRC_STATIC & FWXT_DST_STATIC..

At 09:07 AM 1/30/97 -0500, Mike Jones wrote:
>Ron Hardin writes...
>> I have a NT server sitting behind a FW-1 gateway.  The group that is
>> responsible for the server wishes to permit FTP access.  This host is
>> on a seperate enet segment off a quad port in my Sun host.  NAT is
>> in force for all host behing the firewall.
>> 
>> When a ftp session is initiated from the outside (say with Netscape)
>> the host is contacted, but the illegal IP (not xlated) and associated
>> port is passed back to the browser.  Needless to say the ftp session
>> fails.  Any suggestions where to look for the solution?
>
>I think the problem is the address translation mode. You're probably using
>FWXT_HIDE, which translates "on demand". I don't remember the name of 
>the other mode, but you need to set up the address of the FTP server with
>a "fixed" translation.
>
>	Mike Jones
>	Sr. Network Computing Advisor
>	UNIFIED Technologies
>
>
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Darwin L. Martinez                 Voice:  404-843-5954
Network Systems Engineer           Pager:  888-346-1320
International Network Services     Vmail:  770-641-4004
Atlanta Office                     Email:  <mailto:darwin_martinez@ins.com>

http://www.ins.com

"Happiness is a belt-fed weapon."
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

[prev in list] [next in list] [prev in thread] [next in thread]