LAN on port 1 of firewall, NAS on port 2 in a DMZ. T15 is the DHCP server. Policies in place to allow the internal trusted traffic to access the NAS and it works fine. Policies are in place to allow a white listed IP group to access the NAS as optional traffic and they can connect but but not authenticate. T15 logs only show the optional traffic was “allowed” - no deny.
I assume my issue is that I refuse to open 3 million ports to allow the NAS FTP server to push T15 external traffic back to the client so…
Is there a switch I can run with the FTP server on startup to limit external traffic to, say, just the 50 ports I designate since we aren’t that large a company? Does this FTP server have a config file to limit activity?