Problem with FTP Transfer

Problem with FTP Transfer

am 06.03.2007 11:07:20 von ExpertOnCheckpoint

Can somebody help me please,
I experience this problem when i'm trying to transfer a file from ftp client
on Unix system to Win 2003 iis6 ftp server.

To resume I can't do a ftp connexion Firewall chepoint block me.
This is the error message on ftp client :
421 Service not available, remote server has closed connection
Login failed.
This is error message on checkpoint firewall :
Message_info : Port command ended without a new line

There is the solution :
Replace service FTP by FTP_Basic on Checpoint :
SmartDashboard-->Manage-->Services-->TCP-->ftp :
Edit-->Advanced-->Protocol Type :
Modify : ftp by ftp_basic

Inconvenient : Let a lot of failed on ftp protocol....
=> I don't want to change firewall rules but iis configuration.

Can somebody have any idea ?

More explian :
ftp_basic : strictly respect RFC standard. but don't check this :
* that all packet terminate with a new line character, so that the PORT
command is not split accros packet. (This is my problem).
* Data connections to or from well-known ports are not allowed, to prevent
the ftp Data connection being used to access some other service.
* bidirectionnal traffic on the data connection is not allowed, as it can be
used improperly.

Client logs :
With ftp protocol configured on checkpoint :
ftp> open x.x.x.x
Connected to x.x.x.x
220 Microsoft FTP Service
Name (x.x.x.x:root): XXXX
331 Password required for XXXX.
Password:
421 Service not available, remote server has closed connection
Login failed.


With ftp_basic protocol configured on checkpoint :

frnslnet.root:/ => ftp
ftp> status
Not connected.
No proxy connection.
Mode: stream; Type: ascii; Form: non-print; Structure: file; Protection: clear
Passive Mode: off
Verbose: on; Bell: off; Prompting: on; Globbing: on
Store unique: off; Receive unique: off
Case: off; CR stripping: on
Ntrans: off
Nmap: off
Hash mark printing: off; Use of PORT cmds: on
Experimental commands: off
ftp> debug
Debugging on (debug=1).
ftp> open x.x.x.x
Connected to x.x.x.x
220 Microsoft FTP Service
Name (x.x.x.x:root): UserName
---> USER UserName
331 Password required for UserName.
Password:
---> PASS passwd
230-*******************************************
* WELCOM to ... *
*******************************************
230 User UserName logged in.
ftp> ls