Pix515 FTP outside-to-inside fails from OS/390 Mainframe
we have customer attempting an FTP from a OS/390 V2R10 C/C++ 5647-A01 Mainframe out in the internet through to a Windows server on the inside interface of a PIX515E Ver 7.0(2).
Each time they attempt the FTP it fails. We can FTP from windows, and other FTP client applications outside-to-inside OK, its just the mainframe which fails. The customer has Checkpoint firewalls at another sites and FTP?s through these are fine.
They send 5 of 6 ASCII FTP files at a time, each file being only a few 100K. On the last attempt 2 out of 7 files made it through.
On the PIX you see the TCP connections torn down:
Teardown TCP connection 28746032 for IFT-OUTSIDE:126.96.36.199/57063 to IFT-INSIDE:IFT-WEB-01/21 duration 0:02:00 bytes 286 TCP FINs
Dec 15 09:41:00 10.3.8.254 Dec 15 2006 09:08:32: %PIX-6-302014: Teardown TCP connection 28746033 for IFT-OUTSIDE:188.8.131.52/57064 to IFT-INSIDE:IFT-WEB-01/20 duration 0:02:00 bytes 118680 Parent flow is closed
Dec 15 09:41:00 10.3.8.254 Dec 15 2006 09:08:32: %PIX-6-106015: Deny TCP (no connection) from 184.108.40.206/57064 to 220.127.116.11/20 flags RST on interface IFT-OUTSIDE
We have tried enabling/disabling fixup, and enabling/disabling ?ftp mode passive?
Does anyone have any suggestions on how to resolved this?
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...