I recently created a FW rule in Check Point that enables access to an FTP site on port 10000 for a particular subnet. Once the rule was created, I tested it and access was possible, and it was also possible for the user who made the request.
A few days later, the user calls back saying she no longer has access to the FTP site. I can reproduce the problem. When I go to the FTP site, I get the box asking for my credentials. After entering them, I get nothing.
I checked the tracker in Check Point and I can see the rule giving access to the site on port 10000, but then the clean up rule gets applied because it is trying to use another port. Each time I test, the clean up rule blocks another port. Example: first port 11065, then the next time I try, port 11066, and so on. When I add the next port to my rule and test, it just blocks the next port.
Does anybody have any ideas why it is behaving this way and why access to the FTP site is no longer available when it was a few days before and no changes were made?
Thanks in advance for your replies.