NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

jasonfpeter's avatar
jasonfpeter
Follower
Mar 02, 2017
Solved

FVX538 SFTP

After a recent failure of a FVX538, a replacement was put into place (I had a spare), and I imported the previous failed unit's config.  But now my SFTP is not working (whereas everything else it).

 

I am unable to get my FVX538 to accept SFTP over port 22.  I have verified that my SFTP server is operating properly and have tried to telnet to the machine behind the firewall over port 22 and it is closed, yet the rule is clearly setup correctly. 

 

What DOES work is creating a new custom rule to have a service on 1022 (let's call that service SFTP1022) and creating an allow always rule to direct traffic inbound on 1022 to port 22 to the IP address where the SFTP server is.  This proves if I'm not mistaken that the machine which is the SFTP server is listening properly on 22 and accepting the traffic.  However when the rule is the default SFTP service and the allow rule uses that, the firewall blocks the traffic. 

 

Here is what the log says:

2017 Mar  2 11:19:04 [FVX538] [kernel] LOG_PACKET[DROP]  IN=WAN  OUT=SELF src=74.83.XXX.XXX DST=74.126.XXX.XXX PROTO=TCP SPT=57765 DPT=22

 

Any ideas?

Troubleshooting
  • JohnRo's avatar
    JohnRo
    Mar 03, 2017

    Hello jasonfpeter, 

     

    Welcome to the community! 

     

    The first thing that came to my mind is there is a chance that the config file is corrupted or there is a chance that the router that died have a different firmware version than the one you are using. My advice is to remove the inbound rule that is already created and then re-enter it on the inbound rules table. 

     

    Thanks,

2 Replies

  • JohnRo's avatar
    JohnRo
    NETGEAR Employee Retired
    Mar 03, 2017

    Hello jasonfpeter, 

     

    Welcome to the community! 

     

    The first thing that came to my mind is there is a chance that the config file is corrupted or there is a chance that the router that died have a different firmware version than the one you are using. My advice is to remove the inbound rule that is already created and then re-enter it on the inbound rules table. 

     

    Thanks,

    • JohnRo's avatar
      JohnRo
      NETGEAR Employee Retired
      Mar 06, 2017

      Hi jasonfpeter, 

       

      We’d greatly appreciate hearing your feedback letting us know if the information we provided has helped resolve your issue or if you need further assistance.
      If your issue is now resolved we encourage you to mark the appropriate reply as the “Accepted Solution” so others can be confident in benefiting from the solution. The Netgear community looks forward to hearing from you and being a helpful resource in the future!

       

      Thanks,

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More