FTP-SSL explicit

FTP-SSL explicit

[Patrick Ahler]

Does anyone know off hand which ports I need to open on my
gateway/firewall for ftp over ssl (explicit) besides port 990???


Patrick Ahler
Systems Administrator

Re: FTP-SSL explicit

[Antony Stone]

On Monday 09 August 2004 9:27 pm, Patrick Ahler wrote:

> Does anyone know off hand which ports I need to open on my
> gateway/firewall for ftp over ssl (explicit) besides port 990???

I don't know, but I know how you can find out.

Add a LOG rule at the end of your FORWARD chain (just before the packets get 
DROPped), and see what's trying to get between client & server.

That'll tell you what you need to add as an ACCEPT rule.

Regards,

Antony.

-- 
Wanted: telepath.   You know where to apply.

                                                     Please reply to the list;
                                                           please don't CC me.

Re: FTP-SSL explicit

[gadgeteer]

On Mon, Aug 09, 2004 at 04:27:03PM -0400, Patrick Ahler (patrick@vikus.com) wrote:
> Does anyone know off hand which ports I need to open on my
> gateway/firewall for ftp over ssl (explicit) besides port 990???

ftp_tls explicit?  Is this something new?  In setting up our
implementation last spring I saw no mention of "explicit" in any of the
specification documents.

[a bit of googling]

ah... I see.  You will have to consult your software vendor as this
implicit/explicit distinction falls outside of the ftp_tls
specification.

Have fun,
-- 
Chief Gadgeteer
Elegant Innovations