• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 227
  • Last Modified:

Symantec Enterprise Firewall

We have a Symantec Enterprise Firewall (v7.0.4) and would like to put an FTP server using SafeTP in our DMZ. On the SafeTP firewall setup page (http://safetp.cs.berkeley.edu/firewall.html) it says to "Configure the firewall so that incoming connections to ports (say) 40000-40999 are forwarded to the sftpd server (at the same port as the connection requested)." How do I go about doing this? Thanks!
0
MichaelHSmith
Asked:
MichaelHSmith
1 Solution
 
mxp1l0tCommented:
You shouldn't need to open up those ports inbound to support PASV transfers with the SEF firewall.  When you specify the ftp application proxy in the inbound rule, the firewall keeps track of the ftp communication and will allow the communication on any port > 1024.

In brief you will need to create 2 network entities.  1 for the DMZ address and 1 for the outside address.
1 redirected service for ftp
1 rule allowing the traffic inbound
0
 
MichaelHSmithAuthor Commented:
Thanks.
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now