SmartFTP and software firewall compatibility

Aokromes

2004-02-04 05:06:24

I have seen that few users have troubles with their firewalls and SmartFTP here goes a list of firewalls that i have tested and they work with SmartFTP without trouble:

Agnitum Outpost Firewall 1.0.1817.1645
Agnitum Outpost Firewall Pro 2.0.225.2919
Armor2Net Personal Firewall v3.10
Bullguard Firewall
Deerfield Visnetic Firewall v2.2
ESET Smart Security Public Beta 1
Etrust Ez Firewall v3.7.179
Kerio Personal Firewall 4.0.10
Look'N'Stop 2.04
McAfee Internet Security Suite 7.00 (2005)
Mcafee Personal Firewall Plus 5.0
Nforce 4 hardware firewall
Norton Internet Security 2005
Norton Personal Firewall 2004
Sygate Personal Firewall 5.5.2525.0
Tdifw
Tiny Personal Firewall 5.5.1288
Tiny Firewall Pro 6.0.110
Windows XP BuiltIn Firewall
Windows XP SP 1 Final BuiltIn Firewall
Windows XP SP 2 Final BuiltIn Firewall
ZoneAlarm 4.5.538.0 & Pro
ZoneAlarm 5.5.062.0 & Pro

If your software firewall doesn't seem to work with SmartFTP make sure you have the latest update of the firewall software installed.

If you know a software firewall which works with SmartFTP but is not listed here feel free to post it. Thank you.

Important Notice
It's not recommend to have 2 firewall software applications enabled at the same time. Disable one of them. For example if you have Windows XP installed and a 3rd party firewall software, disable the Windows XP firewall.

Devil

2004-07-08 07:20:26

One stumbling block with firewalls is a default feature of Win XP.

It may be necessary to stop Application Layer Gateway Service (Control Panel|Administrative Tools|Services) before anything can happen with SFTP.

jcaiken

2004-08-08 01:28:59

I understand that early versions of ZoneAlarm 5 may have some problems - see the ZoneLabs user support.

Also check out AntiFirewall as this looks like a simpler way to handle FTP through a firewall.

2004-08-08 03:43:53

The windows XP firewall is enabled on all my machines and I never had a problem with it and SmartFTP. The only thing I can think about is if the user was "Blocking" SmartFTP in the message prompt of the XP firewall on the first startup of SmartFTP.

If anyone knows what causes the problem with SmartFTP please give me/us a hint. Thanks in advance.

trucotal

2005-06-21 00:03:03

it works fine with the Bullguard Firewall

monaco-o

2005-08-07 01:10:26

Hi,

SmartFTP works fine with tdifw (http://tdifw.sourceforge.net/). You just need to edit the config file to allow SmartFTP going out.

Okay, it's not a friendly firewall like the previous, but....

Olivier

hanbing135

2005-09-12 01:27:02

most firewall will be ok working with smartftp

Aokromes

2005-11-24 11:38:53

Added nforce 4 hardware firewall to list.

mparent

2006-02-02 03:57:25

for anyone who is interested, I did have a problem with Dlink DI624 router and the firewall. I tried setting up rules and none worked. But when I checked the virtual ftp port 21 option box on the advanced tab and entered my uplink server ip address, everything connected fine.
Mark

feverdog

2006-02-07 11:12:51

I'm currently experiencing difficulties with the latest version of ZoneAlarm, despite having given SmartFTP full privileges, it seems to be blocking SmartFtp from entering passive mode, as illustrated here:
227 Entering Passive Mode (80,189,254,239,49,217)
Opening data connection to 80.189.254.239 Port: 12761
MLSD
425 Can't open data connection.
Automatic failover of data connection mode from "Passive Mode (PASV)" to "Active Mode (PORT)"

It works just fine with ZoneAlarm off, but I wouldn't know how to get it to allow SmartFTP access to the necessary ports. Any suggestions?

eyebex

2006-02-07 15:11:36

As it depends on the server which ports are used for PASV mode, you need to allow SmartFTP for *all* outgoing ports.

cdtkoenig

2006-03-03 14:24:51

Just had a problem with WinXP SP2. Couldn't connect to the ftp server. Turned windows firewall off and it connected!

Checked the exceptions list and Smartftp client was listed, so it should have worked with the firewall on.

puters!!

I had the login sequence hang problem recently on all my XP SP2 computers (firewall ON) ONLY when users tried to connect a local WU-FTP 2.6.2-5 based server running on redhat Linux 7.3.
Local solaris and debian based FTP server (WU-ftp or SUN-ftp) were working perfectly for the same users !
I finally solved the pb by openning the port 113 on my XP computers (even if ident is not activated in smartFTP).
Hope it wil help

T-B0N3

2006-05-04 09:50:11

I'm currently experiencing difficulties with the latest version of ZoneAlarm, despite having given SmartFTP full privileges, it seems to be blocking SmartFtp from entering passive mode, as illustrated here:
227 Entering Passive Mode (80,189,254,239,49,217)
Opening data connection to 80.189.254.239 Port: 12761
MLSD
425 Can't open data connection.
Automatic failover of data connection mode from "Passive Mode (PASV)" to "Active Mode (PORT)"

It works just fine with ZoneAlarm off, but I wouldn't know how to get it to allow SmartFTP access to the necessary ports. Any suggestions?

Hi guys. I have the same issue with smartftp like feverdog has, the only difference is that I'm running on a windows machine with no other firewall installed other than the windows standard. Another thing is that all the computers in my network go through a network-firewall and then through a router. Most of the times when I try to connect using the smartftp my internet connection goes offline (not the 2 computers in the taskbar), but only in terms of working .... it goes off for about 30-45 seconds. Afterwards it reconnects automaticly and the client starts trying to connect again .Usually it takes me ... 30 - 45 minutes to actually establish a connection to a server (happens on all servers). When I connect I don't disconnect anymore ... cause I'm afraid it won't reconnect.

Ideas ?

SeanFromSoCal

2006-06-14 08:26:26

JasonDKing

2006-07-07 16:31:00

I was getting the following problem with Norton Internet security 2005

A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.

The following responses from Symantec technical help resolved it.

A)

This issue can occur due to the configuration of Norton Personal Firewall (NPF). In order to resolve the issue, I suggest that you create a rule allowing the Ports 20 and 21. Please follow the steps provided below:

1. Open NIS.
2. Double-click Personal Firewall.
3. Click Advanced tab.
4. Click General rules.
5. Click Add. The Add Rule screen appears.
6.Select Permit Internet Access, and then click Next.
7. Select Connections to and from other computers, then click Next.
8. Select Any computer, then click Next.
9. Select TCP and UDP.
10. Select Only the types of communication or ports listed below.
11. Click Add.
12. Select Known ports from list.
13. Navigate down the list and place a check mark next to Ports 20 and 21 (FTP), then click OK.
14. The Add Rule screen appears displaying port 20 and port 21.
15. Click Next.
16. Place a check mark in the box next to "Create an event log entry", then click Next.
17. Type a description name for the rule you just created, for example: FTP, then click Next. An Add Rule screen appears, displaying a description of the rule you just created.
19. Click Finish.
20. The General rule screen appears. Navigate to the end of the list and you will see the new rule that you just created.
21. Click OK. The main NIS screen appears. You will now be able to make an FTP connection.

Also, please note that it is necessary that you set your FTP client to make a passive FTP connection. This forces the FTP client to establish the full connection, rather than leaving part of the connection to the server. To configure Passive FTP within Internet Explorer, please perform the steps provided below:

1. Open Internet Explorer.
2. Click Tools, then choose Internet Options. The Internet Options screen appears.
3. Click the Advanced tab.
4. Navigate to the Browsing section.
5. Place a check mark in Use Passive FTP for compatibility with some firewalls and DSL modems.
6. Click Apply. The changes you just made are saved.
7. Click OK. The Internet Options screen closes.

In most cases, this issue can be resolved by unchecking the "Unused Windows Services Block" setting in Norton Personal Firewall (NPF). To do this, I suggest that you follow the steps provided below:
Open Norton Internet Security (NIS) 2005.
Click on Norton Personal Firewall (NPF).
Click Configure button.
Click on Advanced Tab.
Click "Trojan Rules"
Uncheck "Unused Windows Services Block", (all the way at the bottom of the list)
Click OK.
Check if the issue persists.

gavamm

2006-10-04 01:34:15

Microsoft ISA Server 2000 anyone??

I've found it to be sporadic, I've opened the ports on the ISA firewall, but each time I upgrade SmartFTP I find that I have to play around with the settings a bit before it will work again.

Is there a known setting that I should use?

Thanks.

sce

2006-10-07 23:04:20

Aokromes

2007-04-11 04:17:44

Added: ESET Smart Security Public Beta 1

madison

2007-06-10 13:42:39

I think it is a good choice .

jeffld

2007-09-26 23:45:52

If anyone knows if CheckPoint firewall works (or not) with SmartFTP please let me know.

2007-09-27 00:06:11

Hello ..

Yes of course it works. Select the correct FTP Proxy type in the FTP -> Connection -> Proxy settings of your favorite.

Regards,
Mat
SmartFTP

2010-03-08 12:13:28

All firewalls work with SmartFTP. If SmartFTP is being blocked by your software firewall, add SmartFTP to the exceptions in your software firewall settings.