Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 2 subscribers
  • Views 2062 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Plain vanilla FTP not working

ljorg
I'm completely new to Astaro so please excuse my ignorance.

I've read the online documents about FTP, but I can't get a plain vanilla FTP session going between a client on the outside and a server on the inside. I have:

OUTSIDE:
client 192.168.1.29
Astaro: 192.168.1.100
ftp-alias: 192.168.1.23

INSIDE:
Astaro inside_inf: 172.31.4.223
ftp_server: 172.31.4.23
FTP-server's default gateway: 172.31.4.223

PACKET FILTER:
From any, to any, port any: allow
From inside_network, to any, port any: allow

MASQ/DNAT/SNAT:
MASQ: Network inside_network, interface outside
SNAT/DNAT: source any, dest ftp-alias, port ftp-control -> source inside_inf, dest ftp_server
SNAT/DNAT: source any, dest ftp-alias, port ftp -> source inside_inf, dest ftp_server

I can log into the ftp server, but I can't do anything, either passive (tried Internet Explorer) or active (tried microsoft ftp client).

I tried setting up a telnet rule, and that works fine, so I know I can connect to my ftp-server through the Astaro box.

What am I doing wrong?


This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to ljorg
    I can't understant your NAT definition, by the way, if I remember well FTP client start the connection using Port 21 (FTP-Control) and the server answer back and open a new connection in FTP-data on port 20, so if you want your FTP server to be accessed from the outside you need a DNAT (from outside to the inside) on port 21 and a SNAT (from the inside to the outside) on port 20:21.

       hope to be of any help
      Andrea