It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

This Firmware Version Is End-Of-Support

Documentation for this product is no longer updated. Please see End-of-Support for CloudGen Firewall Firmware for further information on our EoS policy.

How to Use the FTP Plugin Module

  • Last updated on

Because an active FTP session transfers data over a randomly chosen port, apply the FTP plugin module to your service objects to ensure that only the chosen port is opened for these types of connections. Active FTP sessions use port 21 to establish connections, and then the client and the server use a port from 1024 through 65535 to send and receive data. With the FTP plugin module, the Barracuda CloudGen Firewall listens to the two FTP partners and opens the chosen port for the connection.

The following diagram illustrates how data is transferred in an FTP session that is established through the Barracuda CloudGen Firewall with the FTP plugin module. After an initiating request on port 21, the server answers with port 24500. All subsequent traffic uses port 24500. The FTP plugin module indicates that no Port Address Translation (PAT) is performed for FTP data sessions, even if the firewall session is NAT'd.

fw_ftp_plugIn.png

Add the FTP Plugin Module

To add the FTP plugin module in a service object:

  1. Go to CONFIGURATION > Configuration Tree > Box > Virtual Servers > your virtual server > Assigned Services > Firewall > Forwarding Rules.
  2. In the left menu, click on Services
  3. Click Lock.
  4. Right-click the table and select New. The Edit/Create Service Object window opens.  
  5. Create a service object or edit an existing service object.
  6. In the Edit/Create Service Object window, double-click a service.
  7. In the Service Entry Parameters window, select ftp from the Plugin list.
    ftp_plugin.png
  8. Click OK.
  9. Click Send Changes and Activate.