No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade
MENU

USG3040 for version problem, the domain NAT FTP function is not normal

Publication Date:  2012-11-06 Views:  629 Downloads:  0
Issue Description

 key configuration:      [USG3000]nat server protocol tcp global 1.1.1.1 2121 inside 192.168.1.250 21
                                      [USG3000-zone-trust]nat 2000 address-group 1

Software type: USG3040 V100R002
Problem phenomenon: 1. Users did a “NAT-SERVER’ port mapping (the external network 2121 mapping the 21 port of internal network) a FTP SERVER of internal network, and at the same time also did domain NAT function, “NAT-SERVER” function is normal.
1. Domain NAT is not normal, PC end can't use the FTP passive mode access to FTP SERVER, active mode is normal, if change the NAT-SERVER mapping to 21 port mapping 21 port, they are all normal


Alarm Information
None.
Handling Process
When checking the USG session table, found it appears passive IP phenomenon in the session table at the second stage of the FTP consultation, it is V1R2 version software problems, after change the version to V1R1, normal. 
Root Cause
1. Check the filtering strategy, normal.
2. Check the domain NAT configuration, normal.
3. Check the FTP-SERVER, in the PC directly access to FTP-SERVER and internal network IP, normal
4. Doubt it is USG software version problem
Suggestions
USG3000V1R2 version has only a few more functions such as IPS, if not use these functions, suggest using V1R1 version, for the stability of the V1R1 must be better.

END

Contribute Articles
Huawei Enterprise APP

Copyright © 2018 Huawei Technologies Co., Ltd. All rights reserved.