We have a bunch of files that we created that we need to upload via ftp to a remote server through the PA. The files trip the virus detector in the PA. Here's a syslog entry with some identifying information changed: 2014-06-16T15:22:31+10:00 10.84.1.33 [user warning] 22:31,000XXXXXXX,THREAT,virus,1,2014/06/16 15:22:25,10.84.20.250,50.28.93.0,0.0.0.0,0.0.0.0,I2E-ftp-rule-ftp,,,ftp,vsys1,Interior,External,ethernet1/2,ethernet1/1,mylog,2014/06/16 15:22:30,41521,1,36871,32182,0,0,0x0,tcp,deny,"myfile-06.06.0000-Beta-win64.exe",Virus/Win32.WGeneric.cpfjf(2455553),any,medium,client-to-server,236674,0x0,10.0.0.0-10.255.255.255,United States,0, I scanned these files with several AV programs including clamav and I was able to upload it to virustotal (through the PA!) where it scanned completely clean. If I turn off virus checking on our ftp rule then someone may be able to download files with viruses so I don't want to do that but we need these files uploaded. How to do that?
... View more