filezilla ftp server behind UTM

Hello everybody,

I am trying to set up an FTPS server at home, behind the UTM, but it does not work and I cannot figure it out. My setup:

- I have a dynamic public IP address with DynDNS.

- The FileZilla FTP server is accessible from within my LAN (all good). Also, I have configured the range of passive ports in the server.

- On the UTM I have configured the DNAT rules for ports 21, 990 and the passive range of ports; anyone who comes from any port, towards my external IP address, should get redirected to the internal FTP server on the same dst ports (21, 990, and passive range).

- On the UTM the FTP tracker helper is enabled.

I don't have web filtering. I have IPS, but it is the same with it disabled.

When I try to initiate a connection from outside, towards my FTP server, the FTP client reports:

"Connecting to (my ext IP):21

Connection established, waiting for welcome message...

Connection timed out after 20 sec of inactivity" -> and here it dies

If I check the firewall logs, I can see there is a lot of traffic being dropped

86.121.3.79 is my ext IP address

10.2.2.249 is my internal FTP address

82.137.10.26 is one of the ISP's address

00:1b:21:17:b2:85 is the MAC address of my internal interface (LAN)

The log gets filled with the above traffic when trying a session.

As you see, while trying a connection from outside, traffic matches NAT rule #2, but then 82.137.10.26 tries to do the same directly with 10.2.2.249 and it gets blocked (ofc). Why is this traffic happening? What is the explanation? How can I make it work?

Thank you


