 Creating firewall rules to allow FTP connections
I need to create firewall rules to allow FTP connections from specific clients. I have their network address/subnet mask. How can I add this for all servers from my Sonicwall Pro 3060?

ASKED: May 24, 2011  5:50 PM
UPDATED: May 25, 2011  5:25 PM



Discuss This Question:


 

Usually, if, let's say, point A (external) comes into your network, you will know the IP and also the port that is used, and that will come into your network and then into your servers.

 15,610 pts.

 

Allowing FTP through a firewall is a tricky beast – the Linux kernel Netfilter subsystem has a special helper for FTP tracking, since the FTP protocol is quite specific: the control connection is opened from ANY TCP port on the client to TCP port 21 on the server; after that, for any transfer (even a dir listing), a data connection is negotiated – from TCP port 20 to ANY port of the client; the passive transfer is always initiated by the client, but a negotiation goes on all the same… So the firewall helper reads the packet contents, where the connection ports are negotiated, and dynamically opens them…

Why not consider using SFTP – just open TCP port 22 to the client IPs and you get secure transfers as a bonus…

 3,120 pts.
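What a helper of the kind described above has to pull out of the FTP control channel, as an added example that is not part of the original thread and is not Netfilter's or SonicWall's code: it parses the `PORT` command and the `227` passive reply, computes the negotiated data port, and only returns a connection to permit when the client is inside the allowed subnet. The addresses, the allowlist and the function names are constructed for illustration, and no NAT between client and server is assumed.

```python
import ipaddress
import re

# Constructed allowlist standing in for the clients' network address/subnet mask.
ALLOWED_CLIENTS = [ipaddress.ip_network("203.0.113.0/255.255.255.0")]

# Active mode:  "PORT h1,h2,h3,h4,p1,p2"         sent by the client
# Passive mode: "227 ... (h1,h2,h3,h4,p1,p2)"    sent by the server
_PORT = re.compile(r"^PORT\s+(\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\s*$", re.I)
_PASV = re.compile(r"^227\b.*?(\d+),(\d+),(\d+),(\d+),(\d+),(\d+)")


def client_allowed(src_ip):
    """True when the control connection comes from an allowed subnet."""
    addr = ipaddress.ip_address(src_ip)
    return any(addr in net for net in ALLOWED_CLIENTS)


def _endpoint(fields):
    """Turn the six decimal fields into (host, port); port = p1 * 256 + p2."""
    nums = [int(f) for f in fields]
    if any(n > 255 for n in nums):
        return None, None
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]


def expected_data_connection(line, client_ip, server_ip):
    """Return (src, dst, dst_port) of the data connection to permit, or None."""
    if not client_allowed(client_ip):
        return None
    m = _PORT.match(line)
    if m:
        # Active mode: the server (source port 20) connects to the client.
        host, port = _endpoint(m.groups())
        # Reject an announced endpoint that is not the client itself (a
        # redirect to a third host) or that points at a privileged port.
        if host != client_ip or port < 1024:
            return None
        return (server_ip, client_ip, port)
    m = _PASV.match(line)
    if m:
        # Passive mode: the client connects to the port the server announced.
        host, port = _endpoint(m.groups())
        if host != server_ip or port < 1024:
            return None
        return (client_ip, server_ip, port)
    return None  # any other control-channel line opens nothing
```

A static rule set without this kind of inspection has to leave a whole range of high ports open for data connections, which is the trade-off the SFTP suggestion avoids.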