ok but the host is external not internal. oh well it does not seem to create a problem

Thanks for the reply!  I will stand by in anticipation  ;D
You guys are the best!

I added it to our "not ready yet but cool to have at some point" feature list. Stay tuned  ;)

If you are running on a full install issue the following from a shell prompt:

cvs_sync.sh releng_1 && /etc/rc.filter_configure

Then make sure the FTP helper is enabled for the interface in question (I am guessing LAN).

Also, if you are using a dual wan, then FTP will not work on the 2nd WAN.q

@sullrich:

Yes.   We are not geared for the same hardware.

If we where, what would be the point of the fork?

Makes sense, thanks again for the help. I'll swap the machine for a Pentium III with some decent amount of RAM and see if things improve.

We need to make our textx more interesting to ready, maybe some boops would help  ;D

Just double checking this, and realized I never posted a link to the ticket:

http://cvstrac.pfsense.com/tktview?tn=848

And to quote from System -> Advanced:

"Disables the automatic creation of NAT redirect rules for access to your public IP addresses from within your internal networks. Note: Reflection only works on port forward type items and does not work for large ranges > 500 ports."

The easiest way (without touching the config.xml doing a copy/paste and replace interface names) I can think of is to use the [+] icon in the line you want copy and then just change the interface name from wan to your optx. This works for firewall rules and for nat. however you have to click them trough one by ine this way but you only have to modify one dropdown for each rule.

after several times reset to default and recreate the rule at firewall.
also reconfigure my ftp server setting, download/upload is running smoothly.

thanks a lot…  :D :D :D

System -> Advanced -> Disable Firewall … but this will disable firewalling as well.

or

If you want to simply deactivate nat visit Firewall -> Outbound -> Enable advanced outbound NAT and then remove all rules for advaned outbound NAT.

I beleive that was explained here : http://forum.pfsense.org/index.php?topic=725.msg4419#msg4419

Can't.  I'm doing the utmost evil and running a beta release at a production site 3 hours away.  I can't upgrade until I go down there, not because it won't work, but because my sleep better at night knowing that I'd be there "just in case".

Don't worry, I'm going down on friday.

First, this is pfSense and not m0n0wall  :P
Second, I assume the clients at OPT are using another default gateway that doesn't have a route back to your LAN subnet vie the pfSenses OPT IP. Masquerading would fix that but could cause other trouble on the other hand. Adding a route at the OPT's clients default gateway would be the "cleaner" solution imo. If you reall wan't to NAT enable advanced outbound NAT at Firewall>NAT and add a mapping for LAN to OPT with OPT IP of the pfSense there.

problem with outgoing ftp. ftp proxy is enabled on wireless. and nothing else it is working
sometimes but is very slow and seems to stop working after about 15 minutes.

still am a bit uncertian as to where to start lookking in respect to this.

additionally pppoe clients seem to also have trouble with ftp as well.

Thank, I will try it.

Can you add "Virtual Server" in NAT? so easy to make a server-port?

:)

This is because of NAT reflection.  You have a few options.

Disable reflection in System -> Advanced

Change the webConfigurator port in System -> General

How can you fix this now?  Do this from the console ( Option 8 ) :

pfctl -d

Now login and do one of the above options.

Once you are done, run this from the console ( Option 8 ) :

pfctl -e

Please click, "Thanks, Solved" if this fixed you're issue.  Thanks!

I have portforward lots of times with diffrent versions of pfSense and have never seen that problem.

Could it be that you have configured it wrong some how?
Attach a screen dump of the portforward in question (an image says more than thousand words).