FTP debugging on Sophos UTM.

  • Article ID: 116050
  • Rating:
  • 3 customers rated this article 1.7 out of 6
  • Updated: 13 Feb 2014

This article lists FTP debug options for Sophos UTM.

Known to apply to the following Sophos product(s) and version(s)
Astaro Security Gateway/Sophos UTM

Operating systems
V7, V8, V9

What To Do

1. Check if passive ftp is working correctly

The server responds with: 227 Entering Passive Mode (217,6,229,88,122,149). This means the client connects to the server 217.6.229.88 on port 31381 
  • What does 217,6,229,88,122,149 mean?
    217,6,229,88 stands for the ip address of the ftp server (217.6.229.88) and 122,149 stands for the port to connect to (31381) 

  • The port can be calculated as followed: 122*256+149 = 31381 
    So the client will establish a tcp connection to the ftp server 217.6.229.88 on port 31381 Check via tcpdump if the connection is established correctly on port 31381. 

2. FTP connection issues on ASG vmware system

If you have problems with interrupted ftp connections on UTM vmware, check  how the adapters on the vmware are defined.
If possible set your vmware adapter to 'E1000'. This configuration has been shown to fix several connection issues.

3. Activate debugging in ftpproxy (frox)

vi /var/chroot-ftp/etc/frox.conf +100 

  1. Change LogLevel 20 to LogLevel 25 
  2. Restart ftpproxy with: /var/mdw/scripts/ftp restart
Debug output can be found in /var/log/ftp.log

4. Use ftpproxy via wget on your linux client for debugging

  • Use export ftp_proxy=[ipaddress]:[port]
    for example: export ftp_proxy=192.168.99.100:8080 
  • to remove ftpproxy use the command: unset ftp_proxy

 
If you need more information or guidance, then please contact technical support.

Rate this article

Very poor Excellent

Comments