Problem: FTP Connect - Active Fails - Passive OK
If we connect to our FTP Server on the Local LAN (Netware FTP) we can use Active or Passive mode connection ie Port 21 in for Connection Port 20 for DATA and then the connection is made as there are NO restrictions (Local LAN)
If we connect over the Internet to EXTERNAL address or via an ASTARO VPN (PPTP in this case with Filtering set to ANY-ANY) we can use Passive MODE but NOT active mode.
Packet filters are set up using the FTP Service definition
SNAT/DNAT is set to allow FTP to the HOST server
We have the Connection Tracking Module ON
We can see no way of using ACTIVE FTP via an Astaro (version 6.201) Device ASG220.
We understand the cause as the FTP session in ACTIVE mode makes the Authentication on Port 21 then replies back on a "random" high port, which of course is "blocked" by default so DATA transfer fails ...in Pasive mode the Conection Tracking seems to work .. but not in ACTIVE
Is there something we have missed ??
This thread was automatically locked due to age.
