2 Replies Latest reply on Oct 18, 2016 3:15 AM by hildebrandtu

    FTP Policy Problem



      I have a problem to create the following policy for ftp access. Not the ftp access via http, but the passive ftp access via ftp client.

      My current policy can only allow or prohibit the access from individual IP addresses to all FTP Servers.

      I want to create a policy for ftp access only by certain users on certain servers. For all other users the ftp access should be forbidden.

        • 1. Re: FTP Policy Problem


          you may look at rfc959 (FTP Protocol description). Native FTP does not support inline authentication, it is always done between the FTP Server and the endpoint (from my point of information).


          You can use FTP authentication with MWG, this is also possible using the command line FTP from windows. The user has to connect to the FTP Server in another way. Here is an example:



          > ftp

          ftp> open proxy.mycompany.com 1234

          Connected to proxy.mycompany.com

          220 FTP proxy ready

          User (proxy.mycompany.com: (none)): User667@www.destinationftpserver.info

          331-FTP Server ready.

          331 Password required for User667.

          Password: xyz


          Hope this helps,


          • 2. Re: FTP Policy Problem

            Ok, thanks for your advice i understand the behaver. But I search for a way to restrict the ftp access to dedicated servers. Any idea?