O'Reilly logo

ScreenOS Cookbook by Sunil Wadhwa, Joe Kelly, Ken Draper, David Delcourt, Vik Davar, Stefan Brunner

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

11.4. View the Control and Data Sessions for an FTP Transfer

Problem

You want to view the control and data sessions associated with an FTP transfer.

Solution

Figure 11-1 shows the Orion host and the Phoenix FTP server communicating through the Internal_fw and External_fw gateways.

FTP ALG

Figure 11-1. FTP ALG

The Internal_FW ScreenOS gateway has the following configuration, permitting FTP traffic from Orion to Phoenix:

	Internal_FW-> set address Trust orion 192.168.4.10/32
	Internal_FW-> set address Transit phoenix 192.168.9.30/32
	Internal_FW->set policy from Trust to Transit orion phoenix ftp
	permit log

Similarly, the External_FW ScreenOS gateway has the following configuration, permitting FTP traffic from Orion to Phoenix:

	External_FW-> set address Transit orion 192.168.4.30/32
	External_FW-> set address DMZ phoenix 192.168.9.10/32
	External_FW->set policy from Transit to DMZ orion phoenix FTP
	permit log

When an FTP session is initiated from Orion to Phoenix, the control (parent) session is viewed as follows on the Internal_FW ScreenOS gateway:

	Internal_FW-> get session src-ip 192.168.4.10 dst-ip 192.168.9.30
	dst-port 21

When Orion requests and starts to receive a file via an active FTP from Phoenix, a separate FTP data (child) session is opened on the firewalls. You can view this session as follows on the Internal_FW gateway:

	Internal_FW-> get session src-ip 192.168.9.30 dst-ip 192.168.4.10 src-port ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required