How to judge through the session information FTP login problem

Publication Date:  2012-12-18 Views:  258 Downloads:  0
Issue Description
Cannot login FTP server.
Alarm Information
None.
Handling Process
According to the fault reasons for exclusion of network or configuration issues. Check the session information to view detailed information, namely the use of the order parameter with verbose.
Conversation examples 1:

[USG5100] display firewall session table verbose 
12:51:36  2012/12/03         
Current Total Sessions : 1           
  ftp  VPN:public --> public     
  Zone: trust--> untrust  TTL: 00:00:05  Left: 00:00:03 
  Interface: GigabitEthernet0/0/1  NextHop: 157.1.1.1  MAC: 00-80-8e-8a-94-d5
  <--packets:0 bytes:0   -->packets:3 bytes:228       
  182.168.0.3:62082+->92.18.0.1:21

From the above session information can be seen, TTL life cycle is 5 seconds, the protocol interaction in SYN transmission state, the second line from the bottom left arrow packets is 0, the server no response message sent back. The client has issued 3 SYN requests, and to end without any response.The need to check whether the FTP server routing up to, whether to allow the source address access.
[ skills ] many skills when the session, you can add address filtering condition selection of the desired session.
display firewall session table verbose destination globle 192.168.0.1 destination-port 21 

Conversation examples 2:
[USG5100] display firewall session table verbose  
12:51:36  2012/12/03     
Current Total Sessions : 1  
  ftp  VPN:public --> public       
  Zone: trust--> untrust  TTL: 00:10:00  Left: 00:08:53 
  Interface: GigabitEthernet0/0/1  NextHop: 157.1.1.1  MAC: 00-80-8e-8a-94-d5 
  <--packets:11 bytes:620   -->packets:15 bytes:678   
  182.168.0.3:62082+->92.18.0.1:21 
The TTL is 10 minutes, the generic TCP protocol 3 handshake life cycle is 10 minutes, the TCP connection has been established, also from the second line from the bottom of the packets statistical information can be seen and bidirectional have message exchanges.

Conversation examples 3:
[USG5100] display firewall session table verbose   
12:51:36  2012/12/03
Current Total Sessions : 1 
  ftp   VPN:public --> public       
  Zone: trust--> untrust  TTL: 00:00:10  Left: 00:00:09      
  Interface: GigabitEthernet0/0/0  NextHop: 157.1.1.1  MAC: 00-80-8e-8a-94-d2
  <--packets:11 bytes:620   -->packets:15 bytes:678  
  182.168.0.3:62082+->92.18.0.1:21 
The session survival period was 10 seconds, not 10 minutes, and a two-way interactive message number is 0, the TCP connection has been dismantled chain, 9 seconds after the conversation will be deleted.
Root Cause
In the FTP server process view the firewall session table, according to the session table state information to determine the cause of failure in FTP.
Suggestions
Using session table information troubleshoot network problems, applicable to all session protocol, not just the FTP protocol, FTP protocol for example here is to show how an understanding of session table information.

END