Hello,
I am looking at how to support FTP on a non-standard port. I found a related SK,but it does not mention and version in the R80 version.
Does anyone have experience with FTP on non-standard ports in R80. Do we still need to apply all the steps in this SK? I would like to avoid having to open up high ports for the FTP data connection. This SK specific mentions having to manually update files on each Security Gateway to configure the Security Gateway to listen to FTP connections on the desired port
Michael
I would start with creating a new TCP service, select FTP protocol and specify a custom port.
I'm pretty sure you don't need to update fwauthd.conf unless you are doing some kind of legacy User/Session/Client authentication for FTP. However an FTP service on a non-standard port needs to be set up correctly so the firewall can properly sniff PORT commands and pinhole open the necessary data ports. This is why FTP control connections (port 21) always go F2F (but the data connections can be accelerated by SecureXL). What you should be able to do is clone the existing FTP service, then edit the name and port number like this:
Use this new service explicitly in your Network rules and you should be good to go.
I would start with creating a new TCP service, select FTP protocol and specify a custom port.
I'm pretty sure you don't need to update fwauthd.conf unless you are doing some kind of legacy User/Session/Client authentication for FTP. However an FTP service on a non-standard port needs to be set up correctly so the firewall can properly sniff PORT commands and pinhole open the necessary data ports. This is why FTP control connections (port 21) always go F2F (but the data connections can be accelerated by SecureXL). What you should be able to do is clone the existing FTP service, then edit the name and port number like this:
Use this new service explicitly in your Network rules and you should be good to go.
| User | Count |
|---|---|
| 5 | |
| 5 | |
| 5 | |
| 3 | |
| 3 | |
| 3 | |
| 2 | |
| 2 | |
| 1 | |
| 1 |
Thu 21 Nov 2024 @ 02:00 PM (MST)
Denver North: Infinity External Risk Management and Harmony SaaSMon 25 Nov 2024 @ 02:00 PM (EST)
(Americas) AI Series Part 3: Maximizing AI to Drive Growth and EfficiencyTue 26 Nov 2024 @ 10:00 AM (CET)
EMEA Session: Automated Collaborative Prevention with 3rd Party Endpoint SolutionsTue 26 Nov 2024 @ 03:00 PM (CET)
Navigating NIS2: Practical Steps for Aligning Security and ComplianceTue 26 Nov 2024 @ 05:00 PM (CET)
Discover the Future of Cyber Security: What’s New in Check Point’s Quantum R82Mon 25 Nov 2024 @ 02:00 PM (EST)
(Americas) AI Series Part 3: Maximizing AI to Drive Growth and EfficiencyTue 26 Nov 2024 @ 10:00 AM (CET)
EMEA Session: Automated Collaborative Prevention with 3rd Party Endpoint SolutionsTue 26 Nov 2024 @ 03:00 PM (CET)
Navigating NIS2: Practical Steps for Aligning Security and ComplianceTue 26 Nov 2024 @ 05:00 PM (CET)
Discover the Future of Cyber Security: What’s New in Check Point’s Quantum R82Tue 03 Dec 2024 @ 05:00 PM (CET)
Americas CM Session: Automated Collaborative Prevention with 3rd Party Endpoint SolutionsThu 21 Nov 2024 @ 02:00 PM (MST)
Denver North: Infinity External Risk Management and Harmony SaaSTue 03 Dec 2024 @ 10:00 AM (GMT)
UK Community CNAPP Training Day 1: Cloud Risk Management WorkshopWed 04 Dec 2024 @ 10:00 AM (GMT)
UK Community CNAPP Training Day 2: Cloud Risk Management Workshop
