Contivity 1750 is not allowing access to FTP Sites

[sco88]

So,the customer goes to a site to download drives for a device.As soon as they click on the download link the page hangs and times out.The page starts an ftp session to download the file.It turns out that every FTP site can't talk back to the source computer.
But, if i use a VPN tunnel i can access ftp sites with no problems.
I know it not a firewall problem.I made an any any rule.
I was think its a NAT issue but i can't get it to work.I think this because, if i use a packet sniffer i can see that tunneled traffic is using NAT transveral.Can some one shed some light on this problem.Is It a setting i'm missing?
Thank in advance.

 

[pjevnisek]

I had the same issue and took me weeks to find a solution. The issue showed up after I upgraded to s/w version 6.00.310. Don't ask why but this is what I had to do to fix it. It doesn't make any sense and I figured it out by fluke. It looks to me its a bug in the code.
Browse to Service - Firewall/NAT. Click "Edit" next to Contivity Firewall. Set the logging features to Traffic and Policy Manager only! Click OK. If it still doesn't work you may have to try toggling the "User Passive FTP" setting in Internet explorer.

 

[sco88]

Thanks for the Reply.I don't have an option for traffic and policy manager Only.Under logging i have the option for None/Brief/Detail or Trap.Am i missing something?My fire wall rule looks like this:
Any(SrcInterface)-Any(DstInterface)-Any(source)-Any(Destination)-Accept(action)-Detail(logging).
I have this under override rules.Do you remember if you have a NAT rule as well as a firewall rule?
My version of Contivity is 06_00.151.I would love for this to be the problem.I find it hard to believe that ftp is causing such a problem.

 

[sco88]

pjevnisek, you were right.That was the solution.As long as NAT logs are unchecked, ftp works.Thanks