Solved

FTP Server IBM i -  Passive Modus and IP Address

Posted on 2016-11-14
2
17 Views
Last Modified: 2016-11-17
Hi,

A customer is using the IBM i (V5R4) as a FTP server (with exit points programs caring about security).
The server was accessible from internet even in passive modus but since the firewall was changed, we cannot access it.
According with the IT Staff from the customer (and Cisco support, the new firewall provider):

“the server has to provide the public IP address when going into passive
mode for the transfer to work that's why you're getting that error.
You'll need to speak to vendor of the server for alternatives for it to
provide the public address.”

Unfortunately, I cannot find the way to change this setting in IBM i (I don´t even know it this is possible)

Anybody with experience?
0
Comment
Question by:jaimosky
2 Comments
 
LVL 15

Accepted Solution

by:
max_the_king earned 500 total points
Comment Utility
Hi,
i've been there before ...

what i figured out is that iSeries implements its own ftp passive redirection in that gives its real IP address to the requested ftp client instead giving it the natted (public IP) address. This way, after succesfully open connection, it cannot transfer data.
The only workaround i found was to connect via vpn-client from the ftp client: this way, even in PASV mode, the real internal IP address wouldn't change, and it successfully transfer data to and from the client.

I don't know if you can find a better solution ...

hope thish helps
max
1
 

Author Comment

by:jaimosky
Comment Utility
Apparently it is possible to perform it in the firewall, the IT staff was not well informed.
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Describes a method of obtaining an object variable to an already running instance of Microsoft Access so that it can be controlled via automation.
HOW TO: Connect to the VMware vSphere Hypervisor 6.5 (ESXi 6.5) using the vSphere (HTML5 Web) Host Client 6.5, and perform a simple configuration task of adding a new VMFS 6 datastore.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now