• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 371
  • Last Modified:

Problem accessing ftp site


I recently created a FW rule in checkpoint that enables access to a ftp site on port 10000 for a particular subnet. Once the rule was created, I tested and access was possible and also possible for the user that made the request.

A few days later, user calls back saying she has no longer access to ftp site. I can reproduce the problem. When I go to the ftp site, I get the box asking my credentials. After entering, I get nothing.

Checked the tracker in checkpoint and I can see the rule giving access to the site on port 10000 but then the clean up rule gets applied because it is trying to use another port. Each time I test, the clean up rule blocks another port each time. Example: first port 11065 then next time I try port 11066 and so on. When I add the next port to my rule and test, it just block the next port.

Does anybody have any ideas why it is behaving this way and why access to the ftp site is no longer available when it was a few days before and no changes were made?

Thanks in advance for your replies.
  • 2
1 Solution
seaprAuthor Commented:
Output of tracker when trying to access ftp siteI have added a screenshot of the entries I get in the tracker concerning this issue
seaprAuthor Commented:
I have solved the issue. Rule was too low in the list. Moved it above a blocking rule and it works.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now