Netgate Discussion Forum

    FTP problems within site-to-site IPSec tunnel

      netsysadmin

      Hello,

      I have the following setup:

      LOCAL LAN <==> LOCAL pfSense <==> Cisco router <==> INTERNET <==> A router <==> REMOTE pfSense <==> REMOTE LAN

      LOCAL LAN: 10.6.0.0/16
      REMOTE LAN: 192.168.2.0/24

      There's an IPSec tunnel between the local pfSense and the remote one.

      There's also an FTP server on the remote LAN, having IP 192.168.2.86/24.
      I'm trying to upload some files from an FTP client on 10.6.0.7/16 to the remote FTP server.

      The initial FTP connection is OK. I successfully get the directory listing.
      NB: I'm using passive FTP.

      I also successfully uploaded a small file of size 12KB.
      However, when I try to upload a larger file, the transfer starts (327680 bytes are uploaded), and then I get an error.
      See log extract below:

      Command:	STOR test.pdf
      Response:	150 Opening BINARY mode data connection for 'test.pdf'.
      Error:	Could not write to transfer socket: ECONNRESET - Connection reset by peer
      Response:	426 Data connection: No such file or directory.
      Error:	File transfer failed after transferring 327,680 bytes in 26 seconds
      

      Extract from pfSense firewall log:

      Jan 1 15:08:03   LAN   10.6.0.7:57584   192.168.2.86:21   TCP:PA
      Jan 1 15:08:02   LAN   10.6.0.7:57584   192.168.2.86:21   TCP:A
      Jan 1 15:08:02   LAN   10.6.0.7:57584   192.168.2.86:21   TCP:PA
      
      

      NB:
      I have the following rule on the LAN, WAN and IPSec interfaces on the Firewall rules page:
      Allow from LAN subnet to 192.168.2.0/24
      Allow from 192.168.2.0/24 to LAN subnet

      I also tested uploading from the same FTP client to a public FTP server without any problem.

      Can anyone please shed some light?

        netsysadmin

        Please ignore this post.

        The system administrator at the remote end had the wrong gateway on the FTP server.

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.