This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DNAT FTP Issue

I have the following DNAT Setting on Firmware 7.511...

Name: FTP Server
Traffic Source: Any
Traffic Service: FTP (which is port 21)
Traffic Destination: External WAN Address
Nat Mode: DNAT (Destination)
Destination: FTP Server (an FTP Server runnin on a private IP port 21)
Destination Service: this is blank
Log Initial Packets: Checked
Automatic Packet Firewall Rule: Checked

This works great, for all my clients connecting. I have 1 client that worked fine, then changed ISP's (AT&T to Earthlink), now I see the firewall Logging Packet Filter shows a initial connection, but that's it.

The client says they are getting a connection ended after they try to connect from a command line - when it used to work.

I suspect it's Earthlink filtering something, but not sure what. They are connecting from a public ip address also - so we could rule out the firewall on their end. All other hundreds of clients have no problem - different public IPs and ISPs though.

Thoughts?

Zack

This thread was automatically locked due to age.

Parents

0 Hallowach2 over 13 years ago

I was talking about the logfile of your ftp server, not about the asg ftp log. Can you see the connection attempt on the ftp server?

Do you have country blocking enabled? There are sometimes some mistakes in that database.
Cancel
Vote Up 0 Vote Down

Cancel
0 zburns over 13 years ago in reply to Hallowach2

No country blocking (that's in 8.x version of ASG)

And that's the log that I checked - the FTP server - nothing there.
Cancel
Vote Up 0 Vote Down

Cancel
0 Longman over 13 years ago in reply to zburns

What about a log file from a client that is failing.
Cancel
Vote Up 0 Vote Down

Cancel
0 zburns over 13 years ago in reply to Longman

Here's a log from FileZilla - (ip/names changed for protection)

2012-05-02 09:47:34 2924 3 Status: Resolving address of ftp.test.com
2012-05-02 09:47:34 2924 3 Status: Connecting to 65.88.114.242:21...
2012-05-02 09:47:34 2924 3 Status: Connection established, waiting for welcome message...
2012-05-02 09:47:39 2924 3 Error: Could not connect to server
2012-05-02 09:47:39 2924 3 Status: Waiting to retry...
2012-05-02 09:47:44 2924 3 Status: Resolving address of ftp.test.com
2012-05-02 09:47:44 2924 3 Status: Connecting to 65.88.114.242:21...
2012-05-02 09:47:45 2924 3 Status: Connection established, waiting for welcome message...
2012-05-02 09:47:56 2924 3 Error: Could not connect to server
Cancel
Vote Up 0 Vote Down

Cancel
0 Longman over 13 years ago in reply to zburns

Does this user have the same issue when connecting to other ftp servers? That would prove if the isp was causing the problem.
Cancel
Vote Up 0 Vote Down

Cancel
0 zburns over 13 years ago in reply to Longman

No issue - have a public IP setup outside our firewall with a FTP server and it works fine. It's a weird issue - can't figure it out.

Zack
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 zburns over 13 years ago in reply to Longman

No issue - have a public IP setup outside our firewall with a FTP server and it works fine. It's a weird issue - can't figure it out.

Zack
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 Longman over 13 years ago in reply to zburns

OK so this user can connect to other ftp sites but not the ftp site behind the astaro firewall. Can this user use a different computer from the same location to see if the results change?
Cancel
Vote Up 0 Vote Down

Cancel