ScreenOS Firewalls (NOT SRX)
ScreenOS Firewalls (NOT SRX)

PBR problems with PASV FTP

05.02.11   |  
‎05-02-2011 09:41 AM

We've recently had a customer install a cable internet connection to handle some large outbound FTP 'puts' to their customer's site. To handle this we've configured PBR, but are running into a problem when the client opens the secondary PASV port (which we can't always know before hand because it's configured by the FTP server).


Has anyone dealt with this before? As a work around we've configured a destination route but this of course requires the customer to inform us everytime there's a new FTP site to be reached. Additional PBR configuration for SCP/SSH works properly.