Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Jonathan_Body_FTNT
Staff
Staff

Created on ‎08-24-2010 06:13 AM

Article Id 192315

Technical Note : FortiOS and FTP APPE Support

Description

This article gives information on FTP APPE support on the FortiGate.


Scope

All FortiOS Versions.


Solution
FortiOS 3.0
 
In FortiOS 3.0 all FTP APPE commands are ignored by the FortiGate and are therefore not able to be used.

FortiOS 4.0
 
In FortiOS 4.0 all FTP APPE commands are dropped by the FortiGate. This can lead to traffic being blocked if the FTP Client uses APPE commands by default.
If using FortiOS 4.0 and this problem occurs try the following:
  • Change to a FTP Client that does not use APPE commands.
  • Create specific firewall rules for the FTP traffic concerned.
  • Disable all FTP scanning options in the protection profile.
  • Disable "Display DLP meta-information on the system dashboard" for FTP in the DLP options of the protection profile. This results in the FortiGate proxy not being queried.

    config firewall profile
    edit <Protection Profile>
    set ftp no-content-summary splice
    end

  • If none of the above are suitable to the network environment then consider an upgrade to FortiOS 4.1.3 and above.
FortiOS 4.1 MR3 and FortiOS 4.2
 
FTP APPE commands are supported.


Labels:
898
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.