cannot connect FTP using WinNC software on Pfsense

mousevn · May 6, 2019, 4:36 AM

I have learned 1 week but not yet.
My Pfsense firewall blocks FTP connection by software but connects manually on the computer using ftp://xxx.xxx.xxx.xxx.
I use Winnc software to connect to the FTP Server elsewhere
in my rules to default to the internet does not block any port
ask your help.

Derelict · May 6, 2019, 5:08 AM

There is nothing that will block outbound active or passive FTP connections in the default rules.

If you are connecting to an outside FTP server in active mode, You will need to enable the FTP client proxy package.

Try explicitly setting your FTP client to use passive mode before going there though.

Gertjan · May 6, 2019, 4:57 AM

Hi,

You are using a FTP client on your LAN and want you connect to some FTP server on the Internet ?
The other way around ?

mousevn · May 7, 2019, 12:20 AM

@Gertjan said in cannot connect FTP using WinNC software on Pfsense:

Hi,
You are using a FTP client on your LAN and want you connect to some FTP server on the Internet ?
The other way around ?

that's right

mousevn · May 7, 2019, 12:28 AM

@Derelict

I installed the FTP client proxy and set up the following:
Proxy Enable - Tick
Local Interface - LAN
IPv6 - no tick
Anonymous - no tick
Source - 192.168.10.1 (address of Pfsense device)
Bind Port - 21
Max Sessions - Blank
Traffic Shaping - Blank
Rewrite Port 20 - no tick
Ide Timeout - Blank
Log Connection - ticked

but the software connected to the FTP server still cannot run

Derelict · May 7, 2019, 12:30 AM

Did you even TRY passive mode like I suggested?

Derelict · May 7, 2019, 6:48 AM

Passive mode is what you want.

If you insist on active mode, you probably want the source address to be 192.168.1.14, not 192.168.10.1.

Note that whatever is upstream of you will also need to have some sort of active FTP proxy or ALG or simply pass everything received to the pfSense WAN.

mousevn · May 7, 2019, 6:48 AM

@Derelict
thank you very much