Browsers need to point to the HTTP Proxy Port for all protocols, even for FTP. The FTP Proxy on port 2121 is only working for native FTP Clients, e.g. FileZilla or similar.
A browser will use FTP-over-HTTP, which works through the Proxy Port. This should work as expected.
Yes I understand how to configure the browsers to utilize the port 2121 that’s not my issue. My problem is any browser which uses the appliance it’s a hit or miss- very inconsistent. I’ve checked logs and ran various tcpdumps but can’t see why this feature of the appliance is very tedious.
Was wondering if anyone else has experienced similar problem with browsers using FTP and what the resolution was to fix.
Yes I understand how to configure the browsers to utilize the port 2121 that’s not my issue.
are you sure this is not your issue? As Andre has pointed out, your browser should be configured to port 9090, even for the FTP port. Port 2121 is only for dedicated FTP clients!
9090 is the default HTTP proxy port, it was just an example. They are not saying you shouldnt have 2121 on the port redirects. You are using port 80 or port 8080 for your HTTP proxy so you would have your browser configured as below (except with 80 or 8080 as the port):
With filezilla or other FTP clients would be configured using the FTP proxy port:
Hope this helps you understand better what the purpose is between the different proxies.
Anyone know to use FTP via command prompt using the proxy.
IF LOCAL AUTH is not applying to FTP:
open [IP-of-MWG] 2121
IF USING AUTHENTICATION for FTP
open [IP-of-MWG] 2121
In addition to the above, if you are URL filtering (and blocking everything) the inital commands will not have a URL associated with it, so you will need to allow the blank URL "ftp:" in order to allow the local authentication to take place (because there is no URL at that point). See screenshot below for an example.
There may be a more elegant way to do this, but it works.
Hope this helps.
Did my response above help?
Is there any way to restrict FTP access on the basis of username? I am able to do this on the basis of IP. I am using Filezilla as FTP client. Below are theproxy settings.
However as per the attached ruleset, if the FTP client's IP is not in the FTP Allowed IP list, I am getting the following message on Filezilla:
It seems that Filezilla is able to authenticate FTP proxy credentials, but not able to use the parameter Authenticate.Username. Is there any parameter available to allow only selected FTP Proxy credentials, access to FTP links?