Access Log Upload From ProxySG to IIS does not work over port 990

book

Article ID: 169980

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

When the ProxySG is configured to upload its Access Logs to an Internet Information Services (IIS) FTP server over FTPS on port 990 the connection will fail and no Access Logs will be uploaded.

In the PCAP you will see that the TCP connection will complete between the ProxySG and the IIS server but then no further packets will be passed.

Cause

There are in fact two different types of FTPS connection, these are Implicit and Explicit.

The ProxySG as the FTPS Client will use Explicit mode. You can only use port 990 for FTPS if the FTPS Client is going to use the Implicit mode.

Resolution

The IIS Server will need to be changed to use an FTPS port that is not 990.