Solved

FTPS upload issues

Posted on 2011-09-27
9
682 Views
Last Modified: 2013-12-09
Another anomaly for the boards.  We have a SonicWALL Pro4060 in one site and a Cisco ASA 5500 in the other.  The users from the SonicWALL site are reporting tons of packet drops when FTP'ing files to 1 client site that is using FTPS and TLS1 exclusive.  FTP connections and FTPS connections to anywhere else, from the SonicWALL side are fine.  No issue son the Cisco Side.  All of the machines are Server 2003 in both locations  I don't know the OS of the FTP server on the client site.  any clues?
0
Comment
Question by:SuperTaco
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 3
9 Comments
 
LVL 7

Expert Comment

by:Jacobfw
ID: 36720139
What version of SonicOS is the device running?
Do you see drop notices in the Firewall log on the device?

Could be related to TCP statefull Inspection,  disable ‘TCP Stateful Inspection’ on the ‘Firewall > TCP Settings page’
0
 
LVL 10

Author Comment

by:SuperTaco
ID: 36743196
it could be related to stateful inspection . We're running an older SonicOS.  they refuse to update because it affect their test web server.  I see al ot of dropped packet,s which is probably hy the FTP fails.  
0
 
LVL 10

Author Comment

by:SuperTaco
ID: 36766848
     SonicOS Enhanced 4.2.0.1-12e

there no setting sthere to disable SPI
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
LVL 7

Expert Comment

by:Jacobfw
ID: 36772490
Do you have the "application Firewall enabled" on the Sonic?  Consider turning off and testing.
Do you have Gateway Anti-virus enabled" on the Sonic? Consider turning off and testing.

Either of these use Deep Packet Inspection and could be causing the issue.

Otherwise an upgrade to the SonicOS is most likely necessary or working with SonicWall which will probably recommend same.
0
 
LVL 10

Author Comment

by:SuperTaco
ID: 36775921
I've go those turned off.  Still no change.  I'll try the OS upgrade.
0
 
LVL 10

Author Comment

by:SuperTaco
ID: 36785242
thanks, but no dice.  
0
 
LVL 7

Accepted Solution

by:
Jacobfw earned 500 total points
ID: 36814049
Since you indicate you can see dropped packets on the Firewall related to this connection, we can assume it is the Firewall that is causing the problem. (please confirm that the dropped packets are associated with this connection)

1) Consider adding this question to a more specific Firewall zone on EE
2) Consider posting your problem to mysonicwall for further assistance from Sonicwall
0
 
LVL 10

Assisted Solution

by:SuperTaco
SuperTaco earned 0 total points
ID: 36818815
Well, SonicWALL couldn't fix it but I did. I create a separate rule and route for that client, and disabled FTP bounce and increased my connection timeout.  thanks for the input guys
0
 
LVL 10

Author Closing Comment

by:SuperTaco
ID: 36908497
I ended up fixing this myself after callign sinWALL, but the comments did assist in pointing me in the right direction
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Please see preceding article here: http://www.experts-exchange.com/Networking/Operating_Systems/A_11209-Root-Bridge-Election.html Figure 1 After Root Bridge has been elected, then what?..... Let's start by defining a Root Port in la…
With the withdrawal of support for Windows Server 2003 this summer, many clients face the issue of moving away from their 2003 installs. There are a few options out there that many people/companies are selling. But the clients I have, haven't wanted…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question