How to Check if Sftp Port Is Open
- Home
- Networking
- SonicWALL
Hi,
I have a requirement to send data through SFTP port 22 to a remote vendor.
I have made the service object ( TCP port 22-22)
There is already an access rule for Lan - Wan any - any - any,
So my thinking is this should now include the newly created service object 22?
Have even created my own, form Lan- Wan - Source port 22 with no luck.
Have connected from my mobile data and worked fine so not the remote server.
The firewall logs show the outbound connection to SFTP but not being blocked.
Have tried the Wizard public server guide and followed that through.
Error on Filezilla
Error: Connection reset by peer
Error: Could not connect to the server
Any help would be great.
You will either have to make an exception for category 76 in your application control or allow that category.
24 Replies
Have you contacted the vendor about it? It sounds like it might be on their end as it looks like you covered everything on your end.
Why would you need to open an outbound port to upload to a vendor SFTP server unless your network has outbound locked down? They should be opening a port for you based on your WAN IP address.
Thanks for the reply, I connected through my mobile data and could successfully make a connection. So not the vendor ( for once )🤓
Rockn they give me an IP and port as well as a username and password for authentication
By default outgoing traffic is in the clear. No rule should be needed unless you really locked things down beforehand
Have you checked the hidden config on the SonicWall? There some shit in there about FTP might be related to your issue.
- Telnet into the sftp server from your server. If a connection is made, then you know that ports and such are not the issue as your server is connected to sftp on port 22 to that server - so sftp is working.... At that point i would be looking into the client you are using to make the connection.
Noel8542 Hi thank you for your response, I can telnet to the address and get a blank screen which I presume is correct, and connection succeeded.
I have also used winscp as the ftp cleint with the same results.
using the same laptop with my pones connection with filezilla or winscp the connection succeeds and connects me to the vendor.
You can also install Filezilla locally and use port 22 instead of the default port 21 for FTP.
Rockn hi - Yes on filezilla I choose the SFTP from the dropdown and port 22. no dice! 😊
Is your local firewall or AV on the computer blocking this?
Rockn Local firewalls are turned off
Look at the firewall logs to see if it is actively being blocked. If it is you need to create an address object for your computer in the office and one for the remote IP address.Then create an access rule
So you are trying to connect to SFTP, it should allow it from LaN to WAN by default unless you have setup blocks. However what you need to do is whitelist the WAN External IP of the SFTP server in the Content Filtering Exclusion list. Then it should work.
dbeato Rockn Hi both have down that still the same, I have attached the firewall logs if you don't mind taking a look. Doesn't show this connection being blocked.
That's application control, so check that.
You will either have to make an exception for category 76 in your application control or allow that category.
dbeato I have attached the application control image says protocol not blocked. also tried turning off app control to test no joy,
Rockn see attached application protocol not blocking & have also tested with application control off
I guess that is just an alert in the logs. If you can use a terminal to access it via putty or similar you are probably having a misconfiguration (passive/active) setting that needs changing in Filezilla. Check those logs when trying to connect.
Rockn dbeato Hi Both - You was both bang on the money with application control, disabled it again today but give to a few minutes and can now connect with SFTP,
Thank you - I Just had a vendor insist that I open port 22 on the firewall for SFTP and this didn't make any sense. I have a fortgate firewall and IPS was on LAN > WAN and this was blocking the SFTP connection. After turning off IPS fixed allowed this to go through. I'll now have to figure out exactly what to change so we can turn IPS back on.
This topic has been locked by an administrator and is no longer open for commenting.
To continue this discussion, please ask a new question.
How to Check if Sftp Port Is Open
Source: https://community.spiceworks.com/topic/2223682-open-port-22-on-sonicwall
0 Response to "How to Check if Sftp Port Is Open"
Post a Comment