Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    FTP & Ftp Helper - with internal server and internal to external client.

    General pfSense Questions
    1
    1
    3.3k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      Superman
      last edited by

      Hey Everyone,

      I've read through all the posts I could find about FTP and more specifically the new FTP helper. I couldn't find exactly the answer I was looking for.

      I understand that presently the documentation is scanty as the primary focus is on development, etc, so I was just wondering how to configure the following.

      I have pfSense running on an older computer with 2 interfaces, 1 WAN, 1 LAN, nothing unusual.

      On my internal network I have several computers, mostly workstations, but 1 is a *nix server with a private ftp server for some of my friends.

      I have added the necessary NAT/Firewall rules, and previously this seemed to work. However then I had problems with internal FTP clients connecting to external servers. With the new per interface FTP Helper I messed with various settings - both enabled, only WAN or only LAN enabled, both disabled - it only seemed to work with both disabled in PASSIVE mode only. ACTIVE mode would just fail. Recently, with pfSense version 0.96.2 I decided to try messing with it again. Now if I enable the helper on both interfaces I can connect to external clients in ACTIVE mode!! Now that's great, but now however it seems nobody can connect to my internal server.

      It seems I have two helpers running:

      
# ps aux | grep pftpx
proxy     711  0.0  0.8  1276   936  ??  Ss    5:53PM   0:00.06 /usr/local/sbin/pftpx -c 8021 -g 8021 <pfsense-ip>proxy     843  0.0  0.8  1276   916  ??  SNs   5:53PM   0:00.02 /usr/local/sbin/pftpx -f <ftp-server-ip>-b <wan-ip>-c 21 -g 21</wan-ip></ftp-server-ip></pfsense-ip>

      Perhaps this is causing the problem?

      Anyway, I would like to be able to use internal clients in ACTIVE mode, and to allow connections to my internal server. Is this possible, and if so, what settings do I need to use?

      Thanks for you help!!!  ;D

      Superman

      1 Reply Last reply Reply Quote 0
      • First post
        Last post