Ftp problem?
-
This is covered many times at the forum. First delete all nats and forwards that you created for the ftp so you can start over.
After the cleanup do:
- enable ftp helper at WAN
- add portforward for port 21 to the internal ftpserver, keep autocreate firewallrule checked
- save and apply
-
This is covered many times at the forum. First delete all nats and forwards that you created for the ftp so you can start over.
After the cleanup do:
- enable ftp helper at WAN
- add portforward for port 21 to the internal ftpserver, keep autocreate firewallrule checked
- save and apply
I do this and it works successfull. But two rules for FTP appears, I thinks it is strange or it is OK ?
-
It's ok, one is for the ftphelper to handle the traffic and is needed. It also notes this when you create the portforward in the red infobox with the apply button.
-
my system log have:
php: : No source NAT rule found for interface LAN - not using the FTP proxy
no nat need for my lan side (only need dmz/opt1 side)
my lan clients not connect any ftp server (active or passive)
but my lan side have rule ftp to any.. and lan interface ftp helper enabled (unchecked) -
My bad, i'll see to it that it gets fixed.
So we need to skip that logic for interfaces with a gateway.
Very well. I can do that.
-
It's fixed for a while now. Does it work for you now?
-
latest snahpshoot "pfSense-Full-Update-1.0.1-SNAPSHOT-02-27-2007.tgz"?
-
-
There are some special edgecases where the ftphelper doesn't work correct in the latest snaps. We just found something and are working on the fix. Follow the cvstrac timeline to see what's going on.
-
thanks. congrats!
after 1.0.1-SNAPSHOT-03-08-2007 snapshot update problem resolved.
(but, i think nat reflection problem exist, may be)previous connection setup:
lan to dmz connections used nat real ip (real wan ip)
currently internal ip (opt ip)example:
previous setup: (my ordinary setup)
nat reflection enabled
nat: 212.x.y.93 -> 10.6.1.93 = port: 21 (used auto created rules)
lan clients connection 212.x.y.93 success, but 10.6.1.93 not succes
(wan to ftp server connection success)current setup:
nat reflection enabled
nat: exactly
lan clients connection 10.6.1.93 success, but 212.x.y.93 not success
(wan to ftp server connection success)if true, this is my new ordinary setup..