This article lists FTP debug options for Sophos UTM.
Known to apply to the following Sophos product(s) and version(s)
Astaro Security Gateway/Sophos UTM
V7, V8, V9
What To Do
1. Check if passive ftp is working correctly
The server responds with:
227 Entering Passive Mode (217,6,229,88,122,149)
. This means the client connects to the server 126.96.36.199 on port 31381
- What does 217,6,229,88,122,149 mean?
217,6,229,88 stands for the ip address of the ftp server (188.8.131.52) and
122,149 stands for the port to connect to (31381)
- The port can be calculated as followed:
122*256+149 = 31381 So the client will establish a tcp connection to the ftp server 184.108.40.206 on port 31381 Check via tcpdump if the connection is established correctly on port 31381.
2. FTP connection issues on ASG vmware system
If you have problems with interrupted ftp connections on UTM vmware, check how the adapters on the vmware are defined.
If possible set your vmware adapter to 'E1000'. This configuration has been shown to fix several connection issues.
3. Activate debugging in ftpproxy (frox)
vi /var/chroot-ftp/etc/frox.conf +100
LogLevel 20 to
- Restart ftpproxy with:
Debug output can be found in /var/log/ftp.log
4. Use ftpproxy via wget on your linux client for debugging
- to remove ftpproxy use the command: