Amer Networks E5Web GUI User Manual
Page 396
In this case, we will set the FTP ALG restrictions as follows.
•
Disable the Allow client to use active mode FTP ALG option so clients can only use passive
mode. This is much safer for the client.
•
Enable the Allow server to use passive mode FTP ALG option. This allows clients on the
inside to connect to FTP servers that support active and passive mode across the Internet.
The configuration is performed as follows:
InControl
Follow the same steps used for the Web Interface below.
Web Interface
A. Create the FTP ALG
(The ALG ftp-outbound is already predefined by cOS Core but in this example we will show how it
can be created from scratch.)
1.
Go to: Objects > ALG > Add > FTP ALG
2.
Enter Name: ftp-outbound
3.
Uncheck Allow client to use active mode
4.
Check Allow server to use passive mode
5.
Click OK
Chapter 6: Security Mechanisms
396