Reply

FVX538 SFTP

jasonfpeter
Follower

FVX538 SFTP

After a recent failure of a FVX538, a replacement was put into place (I had a spare), and I imported the previous failed unit's config.  But now my SFTP is not working (whereas everything else it).

 

I am unable to get my FVX538 to accept SFTP over port 22.  I have verified that my SFTP server is operating properly and have tried to telnet to the machine behind the firewall over port 22 and it is closed, yet the rule is clearly setup correctly. 

 

What DOES work is creating a new custom rule to have a service on 1022 (let's call that service SFTP1022) and creating an allow always rule to direct traffic inbound on 1022 to port 22 to the IP address where the SFTP server is.  This proves if I'm not mistaken that the machine which is the SFTP server is listening properly on 22 and accepting the traffic.  However when the rule is the default SFTP service and the allow rule uses that, the firewall blocks the traffic. 

 

Here is what the log says:

2017 Mar  2 11:19:04 [FVX538] [kernel] LOG_PACKET[DROP]  IN=WAN  OUT=SELF src=74.83.XXX.XXX DST=74.126.XXX.XXX PROTO=TCP SPT=57765 DPT=22

 

Any ideas?

Message 1 of 3

Accepted Solutions
JohnRo
NETGEAR Employee Retired

Re: FVX538 SFTP

Hello jasonfpeter, 

 

Welcome to the community! 

 

The first thing that came to my mind is there is a chance that the config file is corrupted or there is a chance that the router that died have a different firmware version than the one you are using. My advice is to remove the inbound rule that is already created and then re-enter it on the inbound rules table. 

 

Thanks,

JohnRo
NETGEAR® Community Team

View solution in original post

Message 2 of 3

All Replies
JohnRo
NETGEAR Employee Retired

Re: FVX538 SFTP

Hello jasonfpeter, 

 

Welcome to the community! 

 

The first thing that came to my mind is there is a chance that the config file is corrupted or there is a chance that the router that died have a different firmware version than the one you are using. My advice is to remove the inbound rule that is already created and then re-enter it on the inbound rules table. 

 

Thanks,

JohnRo
NETGEAR® Community Team
Message 2 of 3
JohnRo
NETGEAR Employee Retired

Re: FVX538 SFTP

Hi jasonfpeter, 

 

We’d greatly appreciate hearing your feedback letting us know if the information we provided has helped resolve your issue or if you need further assistance.
If your issue is now resolved we encourage you to mark the appropriate reply as the “Accepted Solution” so others can be confident in benefiting from the solution. The Netgear community looks forward to hearing from you and being a helpful resource in the future!

 

Thanks,

JohnRo
NETGEAR® Community Team
Message 3 of 3
Top Contributors
Discussion stats
  • 2 replies
  • 3148 views
  • 0 kudos
  • 2 in conversation
Announcements