Zywall 310 allow only one IP public FTP port

steve15f Posts: 16
edited April 2021 in Security

Hi dear,

i wanted to know if it's possible to open the FTP port (21) for only one external IP ?


All Replies

  • PeterUK
    PeterUK Posts: 1,401  Guru Member

    Why yes just setup the firewall to allow one source IP when you setup a address object for host of the IP.

  • steve15f
    steve15f Posts: 16
    edited June 2019


    thanks for your reply

    i'm trying to allow FTP from external users but it's not working, can you help me ?

    you can see attach the policy control and NTP rule ...

    FTP TCP port 21

    i've an error on the connection :

    Statut : Connexion à x.x.x.x:21...

    Statut : Connexion établie, attente du message d'accueil...

    Statut : Serveur non sécurisé, celui-ci ne supporte pas FTP sur TLS.

    Commande : USER FTP-User

    Réponse : 331 Password required for User

    Commande : PASS ********************

    Réponse : 530 Login incorrect.

    Erreur : Erreur critique : Impossible d'établir une connexion au serveur

    For information ,with the Same rule (but with port 22) it's working in SFTP (SSH FTP)

    it's a FTP on a synology


  • PeterUK
    PeterUK Posts: 1,401  Guru Member

    Do you have ALG for FTP enabled with FTP transformations?

    Your FTP logs show Login incorrect so traffic is getting to the FTP server.

  • steve15f
    steve15f Posts: 16

    Hi PeterUK

    thanks for your reply but i'm sorry i don't know about ALG, what is it and where can i show this ? thanks

  • PeterUK
    PeterUK Posts: 1,401  Guru Member

    Its in the Zywall 310

    Network > ALG

    it allow the FTP traffic to work for other ports the FTP needs.

    It might not help as your getting Login incorrect so check your user name and password.

Security Highlight