4 Replies Latest reply on Aug 9, 2013 2:30 PM by dpbpc62

    Using FTP over SSL/TLS

    dpbpc62

      Good Day

       

      I have a MFE v7.0.1.02 that has an FTP packet filter rule using packet filter services on port 21, 990, and ephemeral port range of 54000-60000.

       

      The rule is

      src - External customer

      dst - Alias IP

      Redirect - internal IP

       

      The customer establishes a connection via FTP and can run commands but when they try to PUT a file the session is terminated, see log below

       

      08/08/2013 11:07:58 OPEN 192.x.x.x

      08/08/2013 11:07:58 220-FTPD1 IBM FTP CS V1R12 at workstation.domain.ca, 11:07:09 on 2013-08-08.

      08/08/2013 11:07:58 220 Connection will close if idle for more than 15 minutes.

      08/08/2013 11:07:58 AUTH TLS

      08/08/2013 11:07:58 234 Security environment established - ready for negotiation

      08/08/2013 11:07:59 PBSZ 0

      08/08/2013 11:07:59 200 Protection buffer size accepted

      08/08/2013 11:07:59 PROT P

      08/08/2013 11:07:59 200 Data connection protection set to private

      08/08/2013 11:07:59 USER user01

      08/08/2013 11:07:59 331 Send password please.

      08/08/2013 11:08:05 PASS *******

      08/08/2013 11:08:05 230 USER01 is logged on.  Working directory is "USER01.".

      08/08/2013 11:08:05 SYST

      08/08/2013 11:08:05 215 MVS is the operating system of this server. FTP Server is running on z/OS.

      08/08/2013 11:08:05 PWD

      08/08/2013 11:08:05 257 "'USER01.'" is working directory.

      08/08/2013 11:08:05 Assuming MVS FTP server

      08/08/2013 11:08:05 TYPE A

      08/08/2013 11:08:05 200 Representation type is Ascii NonPrint

      08/08/2013 11:08:05 PASV

      08/08/2013 11:08:05 227 Entering Passive Mode (192,x.x.x,223,198)

      08/08/2013 11:08:19 quote site recfm=fb lrecl=150 blksize=27900 secondary=50 tracks

      08/08/2013 11:08:19 LIST

      08/08/2013 11:08:19 550 No data sets found.

      08/08/2013 11:08:19 site recfm=fb lrecl=150 blksize=27900 secondary=50 tracks

      08/08/2013 11:08:19 200 SITE command was accepted

      08/08/2013 11:08:24 ascii

      08/08/2013 11:08:35 lcd C:\

      08/08/2013 11:08:37 LCD C:\Users

      08/08/2013 11:08:39 LCD C:\Users\Administrator

      08/08/2013 11:08:40 LCD C:\Users\Administrator\Desktop

      08/08/2013 11:08:54 PUT test1.txt 'My.file.(+1)'

      08/08/2013 11:08:54 PASV

      08/08/2013 11:08:54 227 Entering Passive Mode (192,x.x.x,223,199)

      08/08/2013 11:09:15 Winsock error: 10060. A connection can not be established.

       

      Has anyone seen this kind of error before.

       

      Thanks

       

      Dana