The intranet and the FTP server all have accessible routing, but the intranet unable to access the FTP server.

Publication Date:  2012-10-23 Views:  329 Downloads:  0
Issue Description
 
A company's network topology as above, intranet and the FTP server all have accessible routing, but the intranet unable to access the internal FTP server.
Alarm Information
none
Handling Process
1, check customer configuration information, the USG configured NAT SERVER address mapping, and the domain is applied the FTP ASPF. The configuration is correct.
2, check customer server whether do the corresponding access control policy, customer do not limit,
3, by customer check server port find that 20 port is not open, other administrator change the data transmission port to be 49185,
Firewall is still send the packet to the default 20 port, so the intranet cannot access server
4, customers are suggested to change the port as the default port, or in firewall make port mapping, the command is that:
Port - mapping FTP port 49185
Root Cause
The customer modify the default data transmission 20 port to 49185, leading to the packets firewall to the default port lost,
The intranet can't access server
Suggestions
none

END