03/26/2020 29 People found this article helpful 459,724 Views
From a private Zone (such as LAN, DMZ) it's possible to get access to the FTP Server, but from the Wan Zone the access to the folders is denied.
If you run a packet capture, the packets should be correctly forwarded to the Server but the FTP Server should display an error as shown below:
425 Can't open data connection for transfer
It could be possible that the FTP Server doesn't accept an inbound connection from a source IP address that is Public.
Be sure to configure the FTP Server as shown in the following guide:
Configuration for a Passive Mode FTP Server behind the SonicWall. (SW10090)
A workaround would be to change the public source IP to a private source IP using a NAT policy.
Example below:
Original Source : ANY
Translated Source : A private IP address
Original Destination : FTP Server Public (typically X1 or a WAN interface)
Translated Destination : Private IP address FTP Server
Original Service : FTP Custom Group
Translated Service : ORIGINAL
Inbound Interface : X1 (or the WAN interface used)
Outbound Interface : Any
You should now be able to get access to the folders of the FTP Server.