FTP QUIT Command problem

Unanswered Question
Feb 12th, 2008
User Badges:

Hi all,


I am having a rare problem with 2 of our Solaris FTP servers that sits behind the Cisco FWSM.

Scenerio: when users ftp from or to this boxes within LAN and over WAN all ftp transaction done O.K, but when

user type QUIT/BYE, it takes over 60secs before the FTP session connection closed.


When I move these server out of the FWSM, all FTP commands works fine.


Any thought please.

Below is an example from my Desktop:


C:\Documents and Settings\aolusanya>

C:\Documents and Settings\aolusanya>ftp mixxprodxxx1

Connected to mixxxprodxx1.xx-gnet.com.

220 mixxxprodxxx1 FTP server ready.

User (mixxxprodxx1.xxxxx.com:(none)): fxxxxx

331 Password required for fip.

Password:

230 User fip logged in.

ftp>

ftp>

ftp>

ftp>

ftp> ls

200 PORT command successful.

150 Opening ASCII mode data connection for file list.

sfftables

spool

tables

226 Transfer complete.

ftp: 91 bytes received in 0.00Seconds 91000.00Kbytes/sec.

ftp>

ftp> bye

221-You have transferred 0 bytes in 0 files. #(reply takes 62secs)

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
hoffa2000 Wed, 02/13/2008 - 04:26
User Badges:

Might be how your FWSM handles active or passive FTP. Also do you have the FTP inspection engine enabled?

I had the same problem involving load balanced FTP and the 60sec delay might be the time it takes for the session to time out in the FWSM.


/Fredrik

Actions

This Discussion