Unable to upload access log to FTP server after upgrading to SGOS 6.5

book

Article ID: 168462

calendar_today

Updated On:

Products

Asset Management Solution ProxySG Software - SGOS

Issue/Introduction

FTP access log upload does not work after upgrading from SGOS 6.2 to 6.5.

A PCAP shows that the client is able to login to the FTP server on port 21:

1258    2014-12-30 15:01:27.291207    172.16.0.4    10.10.10.3    FTP    Request: USER admin
1259    2014-12-30 15:01:27.292279    10.10.10.3    172.16.0.4    FTP    Response: 331 Password required for admin
1260    2014-12-30 15:01:27.293091    172.16.0.4    10.10.10.3    FTP    Request: PASS admin
1261    2014-12-30 15:01:27.294384    10.10.10.3    172.16.0.4    FTP    Response: 230 Logged on


The FTP server tells the client to initiate the data connection to port 444 (1*256 + 188).

1266    2014-12-30 15:01:27.297470    172.16.0.4    10.10.10.3    FTP    Request: PASV
1267    2014-12-30 15:01:27.299362    10.10.10.3    172.16.0.4    FTP    Response: 227 Entering Passive Mode (10,10,10,3,1,188)


After that the ProxySG appliance does not initiate any traffic on port 444.

 

Resolution

Configure the FTP server to use a passive FTP port that is higher than 1023.