Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Metro_Support_A
Explorer

How can I stop checkpoint FTP server listening on public IP interface

I found that ftp command with public IP interface of the checkpoint gateway response all of the IP addresses on my public interface subnet. (Also with telnet port 21 command)

Although the connection close or timeout but it is still shown the message '220 Check Point FireWall-1 Secure FTP server running on XXX' when I try to using ftp x.x.x.x. 

I try to block this FTP access from internet by creating stealth rule for my public IP destination with FTP service. It's work. But I still don't know why the gateway response FTP connection like this and I want to disable it.

I'm using 4600 running R77.30 Gaia.

0 Kudos
2 Replies
PhoneBoy
Admin
Admin

What version of code?
Also what rules do you have that are specific to FTP?
Any of them with an action of User Auth or include a Resource (FTP->Something)?
0 Kudos
Wolfgang
Authority
Authority

Check if you have defined a FTP-ressource and a rule with this ressource. This enables CheckPoints FTP SecureServer running like a HTTP-proxy.

FTP-ressource1.PNGFTP-ressource2.PNG

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events