Endpoint Protection

 View Only

  • 1.  FTP Server block

    Posted Nov 16, 2015 12:42 AM

    I am not pretty good in firewall thing and I want to create a rule to block incoming connections to any clients on port 21. How can I do this ?



  • 2.  RE: FTP Server block

    Posted Nov 16, 2015 01:28 AM

    You can select blocked incomeing connection.

     

    To add a new firewall rule using a wizard

    1. In the console, open a Firewall policy.

    2. On the Firewall Policy page, click Rules.

    3. On the Rules tab, under the Rules list, click Add Rule.

    4. In the Add Firewall Rule Wizard, click Next.

    5. In the Select Rule Type panel, select one of the types of rules.

    6. Click Next.

    7. Enter data on each panel to create the type of rule you selected.

    8. For applications and hosts, click Add More to add additional applications and services.

    9. When you are done, click Finish.

    10. Optionally, you can customize the firewall rule criteria as needed.

    11. If you are done with the configuration of the rule, click OK.

    https://support.symantec.com/en_US/article.HOWTO81156.html#v8148322



  • 3.  RE: FTP Server block

    Posted Nov 16, 2015 04:51 AM

    1) Open the firewall policy and go to Rules tab.

    2) Highlight the first rule in the page and click on "Add Blank Rule" button at the bottom. This will add a new blank rule at the top of the rules list. If you want, you can double click on the name of the rule and change it.

    3) Right click on the "Action" cloumn of this rule and select "Block".

    4) Right click on the "Services"column of this rule and click "Edit".

    5) On the "Service List" box, check the box named "FTP Server" and click OK.

    FTP Service 1.PNG

    6) Now the rule is ready and should look like this.

    FTP Rule.PNG

     

    Note: This will block incomming traffic on local port 21 and outgoing traffic on local port 20 as per the default service available in the list.

    FTP Service 2.PNG



  • 4.  RE: FTP Server block

    Posted Nov 16, 2015 06:31 AM

    Thanks Syed for helping me out here

    I configurde this rule but i need to define the outgoing traffic on dynamic port not on 20 in my case how I can do this



  • 5.  RE: FTP Server block

    Posted Nov 16, 2015 06:49 AM

    This is the default rule to block FTP so it may not work for you.

    Setup a new network service for FTP and configure what fits for you. This article walks you thru it:

    Adding network services to the default network services list



  • 6.  RE: FTP Server block

    Posted Nov 16, 2015 07:18 AM

    To block only port 21, On step 5, instead of checking "FTP server", click "Add" and configure as in the below screenshot and click OK.

    .FTP21-1.PNG

    After clicking on OK, the services list will appear as follows.

    FTP21-2.PNG

    Click OK again and that should do it.