Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Secure File Transfer Protocol (SFTP) is not working in InterScan Web Security Virtual Appliance (IWSVA)

    • Updated:
    • 23 Aug 2018
    • Product/Version:
    • InterScan Web Security Virtual Appliance 5.6
    • InterScan Web Security Virtual Appliance 6.0
    • InterScan Web Security Virtual Appliance 6.5
    • Platform:
    • N/A N/A
Summary

It is not possible to send files via Secure File Transfer Protocol (SFTP) when using WINScp or FileZilla and setting IWSVA 6.5 SP2 as a proxy.

Details
Public

To resolve the issue, do the following:

  1. Log on to IWSVA as root via SSH (for example with a SSH shell such as PuTTy).
  2. Configure the parameters in the /etc/iscan/network.ini file as follows using a text editor such as vi:

    #vi /etc/iscan/network.ini
               #socks5 proxy settings
               socks5_proxy_enabled=yes
               socks5_proxy_port=1080

  3. Run the following commands:

    • To restart the interfaces:

      #service network restart

    • To restart the IWSVA services:

       
      This will interrupt the network traffic for a few minutes so plan accordingly.

      #/etc/iscan/rcIwss restart

  4. Allow port 1080 in the firewall.

The following is an example to connect to a SFTP server using the FileZilla client software:

site manager setting 1 in filezilla

site manager setting 2 in filezilla

socks 5 proxy setting in filezilla

IWSVA supports proxying the SFTP traffic, but it does not scan it (it will just tunnel it); this is by design.

Following internal testing, using the same proxy port for SFTP traffic and HTTP traffic is not supported.

For the complete list of the SFTP settings that are possible to configure in IWSVA, refer to this KB article: Enabling SOCKS5 proxy in InterScan Web Security Virtual Appliance (IWSVA) 6.5 Service Pack 2.

Premium
Internal
Rating:
Category:
Configure
Solution Id:
1120598
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.