Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    FTP outgoing from FreeBSD broken when Windows works = FIXED/WORKAROUND

    Scheduled Pinned Locked Moved General pfSense Questions
    1 Posts 1 Posters 11.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • W
      wayhigh
      last edited by

      I've seen it asked once or twice but never encountered the problem before until today when I set up the pfSense firewall to allow users to do outgoing ftp and it wasn't working. This would keep many of the maintenance features of FreeBSD not working which would cause huge amounts of work for me. Strangely, the Windows ftp client was working in passive mode so I began digging around…

      It seems that the default client on FreeBSD and probably others is set to use epsv4 (extended passive mode) and that doesn't work with the default install of pfSense. Oh sure, it may be nice if pfSense supported epsv4 but really it's not necessarily needed and there's an easy workaround.

      Add the following to your .netrc file and it should start working again for you:

      default login anonymous password someone@somewhere.com macdef
      init
      passive
      epsv4 off

      That's all it took for me and now my ftp on my freebsd box is working just fine.

      Regards,
      WH

      UPDATE: I found a simpler way of getting this to work just fine:
      Disable the ftp-proxy on the LAN side
      Enable the ftp-proxy on the WAN side

      It seems that when the proxy rules for both sides were enabled the packets were getting dropped on the LAN side for some reason. It works now and I don't necessarily need to understand the whole reason why. However, if you try both of these and still have a problem, maybe I can help out.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.