I hope OP will forgive me for hijacking this thread. I too have a client behind the firewall trying to connect to an FTP site. The session end is always noted as tcp-rst-from-client. It's an IoT-thing, so I did a packet capture and see the device connect, log-in (plaintext password - ick!) and navigate to the desired directory, change to binary, attempt to get a file, after that fails, set passive and try to get the file again. My capture shows the client request the get, and the server attempt to send, but the client never gets the packet. I put my laptop in the client's spot and tried from my FTP client - same resuts. Each get times out. apparently the PA220 is eating the reply packet, yet I can't find loggin to that effect. Where do I look next?
... View more