Created on 10-19-2023 05:22 AM Edited on 10-19-2023 05:39 AM By Jean-Philippe_P
Description |
This article covers how the causes of the “Server sent passive reply with unroutable address. Using server address instead” for FTPS traffic when traffic flow is as explained below:
FTP client --> Internet --> FortiGate --> FortiWeb --> FTP server (passive mode).
The issue is caused by the fact that FortiWeb will modify the public IP address in the embedded message to its VIP IP address and FortiGate by default will not modify the traffic as it is encrypted so the embedded message received by the client will contain the FortiWeb’s VIP and since it is a private IP address that is unroutable to the client, the error is witnessed. |
Scope |
FortiWeb. |
Solution |
There are multiple options to resolve the issue:
|
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.