Hi Gurus.

Situation:
----------
Central managed CP on Splat R61
Remote X-edge Embedded NGX-6.0.76x

SmartDefence on the R61 have this configuration in ApplicationInteligence:
FTP
|--> FTP security server
|--> Block Port Overflow turned off (not checked)
|--> Blocked FTP command with all commands inside the "allowed commands list"

SmartDefence on the NGX-6.0.76x have this configuration:
FTP
|--> Block Port Overflow: Action None (via web interface)
|--> Blocked FTP command: Action None (via web interface)
no blocked commands

Problem:
--------
I install the policy on the xEdge via SmartConsole
and the settings change into:
FTP
|--> Block Port Overflow: Action Block
|--> Blocked FTP command: Action Block
no blocked commands

Symptoms:
- Nobody is able to setup an FTP session trough the xEdge.
- The logs are like this one:
Product: VPN-1 Edge
Origin: xEdge
Type: Log
Action: Reject
Protocol: tcp
Service: ftp (21)
Source: a.a.a.a
Destination: b.b.b.b
Rule: -22
Source Port: 3097
Attack Name: FTP Illegal command
File Direction: Outbound
Information: msg: Packet logged

- If I try to change the setting on the xEdge: "Error: This configurable item is remotely managed."
- xEdge Restart ==> no problem If I try to change the setting on the xEdge
and all the FTP session run correctly.

I think that's a bug.
Waiting the bug-resolution,
I would like to know if is it possible to disable the "Smartdefence agent" on the xEdge?

Regards

Corrado

I posted the problem and I found the solution(workaround?).
Add a new TCP_service on the smart console:
ftp-basic
port 21
advanced tab: Protocol Type="FTP_BASIC"
Install the policy
Than on the xEdge, if I try to change the setting from "block to "none" you will not see: " Error: This configurable item is remotely managed" but a simply:" Saved successfully"


Bye I hope it will help someone else

Corrado