11-16-2011 03:02 AM
After upgrading to version 4.1.0 on my PA2050 in HA (Active-passive) passive FTP is no longer possible to our FTP server.
When users logon they timeout on the MLSD command (in binary mode)
I'm looking at NAT because the issue does not arise when accessing the same server from within the network. The FTP server is in the DMZ and doesn't NAT for internal users, but it has a bi-directional NAT behind a static public IP for untrusted users.
Active FTP works fine.
I did remove the vulnerability profile to test: problem still exists
11-22-2011 07:52 AM
I was just notified that the bug has been fixed in the 278 Content version. I have not yet confirmed this as the 278 isn't available for download/install yet.
When it is available, you will go to Device -> Dynamic Updates. At the bottom of the screen press "Check Now" to update the page with the latest release information. Under Applications and Threats check for 278 or greater and download/install.
11-22-2011 02:35 PM
content version 278 appears to be available for download at this time on the update servers.
11-23-2011 01:12 AM
I've upgraded the Application and Threat content to version 278 and in my tests this problem still exists.
It would appear that it allows the ftp file upload but the file is corrupted and the ftp session itself will hang and has to be forced closed.
Come on Palo we need a fix for this ASAP please. This is seriously going to impact our business communications.
12-13-2011 05:48 AM
We had the same problem as well for a couple of weeks and problem was resolved after Content Update 278.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!