Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Disable portscan check for internal server
  •  
Dukeman

Messages: 57
Karma: 6
Send a private message to this user
I've got an internal server which backups file by FTP to an external server. Mostly it processes a lot of files at a time.

Often connections are blocked by Control because Control sees them as Port scanning and therefor blocks it.

Information from Security Log:
[date] IPS: Port Scan, protocol: TCP, source: ....

I've already created a separate traffic rule for this FTP traffic, where content checking is disabled, however connections are sometimes still blocked.

Is it possible to disable port scan checking for a specific server/traffic rule?

Thanks,
Barry
  •  
Dukeman

Messages: 57
Karma: 6
Send a private message to this user
Little kick, any possibilities/options to solve this problem?
  •  
mlee (Kerio)

Messages: 246
Karma: 16
Send a private message to this user
AFAIK, IPS does not drop portscan, it only logs an entry in the security log.

Are you sure IPS is the reason of the failed transfer?

PTSD. BP. OCD. ASPD. BPD. Certified.
  •  
Dukeman

Messages: 57
Karma: 6
Send a private message to this user
Thanks for your response mlee. It looked like it was/is blocked by IPS, because of the many lines in the logs about the port scan (of which I though it would block any connections temporarely from the remote computer).
The FTP application stops it jobs stating the connection was broken and could not reconnect. The remote FTP server is available however. So I assumed Kerio blocked connections...

Have to do some extra investigation however...
  •  
mlee (Kerio)

Messages: 246
Karma: 16
Send a private message to this user
Please tried disabling IPS, or disable inspector with the FTP traffic rule.

M.

PTSD. BP. OCD. ASPD. BPD. Certified.
  •  
Dukeman

Messages: 57
Karma: 6
Send a private message to this user
The inspector is already disabled for this rule.
Source of this rule is the FTP client, Destination is the FTP Server, Service is set Any, Inspector is none.

I rather not turn off IPS, because a lot of traffic is (correctly) blocked and I'm having several servers running behind Kerio. The FTP backup takes some time (couple of hours), so it would be off for a long time.
Previous Topic: Problem with Realtek RTL8111G
Next Topic: Particular network traffic lost!
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Mon Mar 27 12:43:42 CEST 2017

Total time taken to generate the page: 0.00939 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.