Amer Networks E5Web GUI User Manual

In this case, we will set the FTP ALG restrictions as follows.

•

Enable the Allow client to use active mode FTP ALG option so clients can use both active
and passive modes.

•

Disable the Allow server to use passive mode FTP ALG option. This is more secure for the
server as it will never receive passive mode data. The FTP ALG will handle all conversion if a
client connects using passive mode.

The configuration is performed as follows:

InControl

Follow the same steps used for the Web Interface below.

Web Interface

A. Define the ALG:

(The ALG ftp-inbound is already predefined by cOS Core but in this example we will show how it
can be created from scratch.)

1.

Go to: Objects > ALG > Add > FTP ALG

2.

Enter Name: ftp-inbound

3.

Check Allow client to use active mode

4.

Uncheck Allow server to use passive mode

Chapter 6: Security Mechanisms

393