Is Kerberos FTP Supported? (KB ID: KB4425)
| Article ID: | KB4425 |
|---|---|
| Former Article ID: | ns10488 |
| Published: | Feb 15, 2006 |
| Last Modified: | Feb 15, 2006 |
| Visible By: | Employee, PTAC, Partner, Customer, Public |
Back to Previous Page | Knowledge Base Home
Article URL
Synopsis
Is Kerberos FTP Supported?
Problem
Solution
This article applies to ScreenOS 4.0 and higher.
Kerberos FTP (KFTP) is not supported as of ScreenOS 5.0.0r8. The KFTP control channel is encrypted and the ScreenOS is unable to monitor this traffic to allow a data channel to be created. There are possible workarounds:
- Create a custom service using a range of ports. For more information, go to Configuring a Custom Service.
- Create an Any Any Any policy for a specific IP address. For more information, go to Creating a Policy Using a Custom Service.
From a security standpoint, neither of these are recommended, as a large number of ports would be open and unprotected.
Category Description
By Product » Hardware » Firewalls » NetScreen Firewall/IPSec VPN » NetScreen-5GT
By Product » Hardware » Firewalls » NetScreen Firewall/IPSec VPN » NetScreen-5XP
By Product » Hardware » Firewalls » NetScreen Firewall/IPSec VPN » NetScreen-5XT
By Product » Hardware » Firewalls » NetScreen Firewall/IPSec VPN » NetScreen-25
By Product » Hardware » Firewalls » NetScreen Firewall/IPSec VPN » NetScreen-50
By Product » Hardware » Firewalls » NetScreen Firewall/IPSec VPN » NetScreen-204 (EOL)
By Product » Hardware » Firewalls » NetScreen Firewall/IPSec VPN » NetScreen-208 (EOL)
By Product » Hardware » Firewalls » NetScreen Firewall/IPSec VPN » NetScreen-5200
By Product » Hardware » Firewalls » NetScreen Firewall/IPSec VPN » NetScreen-5400
By Product » Software » Network Operating Systems » ScreenOS Software
By Network Technology » Network Management » File Transfer » FTP
Purpose
Troubleshooting