Proxy Port and Regular Port
T20 12.6.4
Hi,
Puzzled between setting up a SFTP with a proxy port and a regular Port example: Port 2222
I created a policy with a Proxy Port 2222, and firewall shows allowing traffic to the server but it cannot connect using the FTP Client.
I created another policy with a regular Port 2222 and I'm able to connect using FTP Client successfully.
1) For SFTP setting with a regular Port 2222, is that safe compare to a proxy port?
2) Why creating a Proxy Port 2222 does not let me connect using a ftp client even if the logs showed all allowed? Is there something i need to change on the policy?
Thank you.
0
Sign In to comment.
Comments
"The FTP-proxy does not support FTP over SSL, TLS, or SFTP connections."
About the FTP-Proxy
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/proxies/ftp/proxy_ftp_about_c.html
Are you using SFTP or FTPS?
SFTP uses SSH, which doesn't have multiple ports.
FTPS uses FTP over SSL
https://en.wikipedia.org/wiki/FTPS
Ok, i thought we could apply the FTP proxy on SFTP, but we'll be using SFTP. Thanks
Hi @WGM
The FTP proxy only supports regular FTP. FTPS and SFTP will need to use packet filters.
Thank you Bruce and James!
Since there is no proxy on the SFTP, will the firebox scan for virus when client uploads a file?
No.
Note again - SFTP uses the SSH protocol, not the FTP protocol.
So one would need a SSH proxy, which currently does not exist.
got it. Thanks!