Zywall 310 allow only one IP public FTP port

steve15f
steve15f Posts: 16  Freshman Member
First Comment Friend Collector
edited April 2021 in Security

Hi dear,

i wanted to know if it's possible to open the FTP port (21) for only one external IP ?


thanks

All Replies

  • PeterUK
    PeterUK Posts: 3,400  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary

    Why yes just setup the firewall to allow one source IP when you setup a address object for host of the IP.

  • steve15f
    steve15f Posts: 16  Freshman Member
    First Comment Friend Collector
    edited June 2019

    Hi,

    thanks for your reply

    i'm trying to allow FTP from external users but it's not working, can you help me ?

    you can see attach the policy control and NTP rule ...

    FTP TCP port 21


    i've an error on the connection :

    Statut : Connexion à x.x.x.x:21...

    Statut : Connexion établie, attente du message d'accueil...

    Statut : Serveur non sécurisé, celui-ci ne supporte pas FTP sur TLS.

    Commande : USER FTP-User

    Réponse : 331 Password required for User

    Commande : PASS ********************

    Réponse : 530 Login incorrect.

    Erreur : Erreur critique : Impossible d'établir une connexion au serveur


    For information ,with the Same rule (but with port 22) it's working in SFTP (SSH FTP)

    it's a FTP on a synology

    ty


  • PeterUK
    PeterUK Posts: 3,400  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary

    Do you have ALG for FTP enabled with FTP transformations?

    Your FTP logs show Login incorrect so traffic is getting to the FTP server.

  • steve15f
    steve15f Posts: 16  Freshman Member
    First Comment Friend Collector

    Hi PeterUK

    thanks for your reply but i'm sorry i don't know about ALG, what is it and where can i show this ? thanks

  • PeterUK
    PeterUK Posts: 3,400  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary

    Its in the Zywall 310

    Network > ALG

    it allow the FTP traffic to work for other ports the FTP needs.

    It might not help as your getting Login incorrect so check your user name and password.

Security Highlight