Vsftpd not working behind pfsense
-
Hi all,
I've read the posts about FTP behind pfsense, but still I cannot get it working. My setup is this:- pfsense with an optional interface 192.168.245.7
- WAN with ftp helper enabled (checkbox disabled)
- vsftpd server running on 192.168.245.77
- port forwarding on port 21 TCP
Either enabling PASV mode or disabling the FTP helper on the WAN interface lead me to the same behavior:
Wed Jun 23 11:37:21 2010 [pid 6917] [workart] FTP response: Client "192.168.245.7", "230 Login successful." Wed Jun 23 11:37:21 2010 [pid 6917] [workart] FTP command: Client "192.168.245.7", "SYST" Wed Jun 23 11:37:21 2010 [pid 6917] [workart] FTP response: Client "192.168.245.7", "215 UNIX Type: L8" Wed Jun 23 11:37:22 2010 [pid 6917] [workart] FTP command: Client "192.168.245.7", "PORT 192,168,245,7,235,218" Wed Jun 23 11:37:22 2010 [pid 6917] [workart] FTP response: Client "192.168.245.7", "200 PORT command successful. Consider using PASV." Wed Jun 23 11:37:22 2010 [pid 6917] [workart] FTP command: Client "192.168.245.7", "LIST" Wed Jun 23 11:37:42 2010 [pid 6914] [workart] FTP response: Client "192.168.245.7", "425 Failed to establish connection." Wed Jun 23 11:38:22 2010 [pid 6917] [workart] FTP response: Client "192.168.245.7", "425 Failed to establish connection."
the LIST command freeze each time. I've tried to set the server in PASV mode defining the following in the vsftpd.conf file:
pasv_enable=YES # wan address pasv_address=XX.XX.XX.XX pasv_max_port=51000 pasv_min_port=50000 port_enable=YES
but the behavior is the same. If I try to connect to the ftp server on the same network I got a correct session:
Wed Jun 23 11:41:06 2010 [pid 6936] [workart] FTP response: Client "192.168.245.77", "230 Login successful." Wed Jun 23 11:41:06 2010 [pid 6936] [workart] FTP command: Client "192.168.245.77", "SYST" Wed Jun 23 11:41:06 2010 [pid 6936] [workart] FTP response: Client "192.168.245.77", "215 UNIX Type: L8" Wed Jun 23 11:41:07 2010 [pid 6936] [workart] FTP command: Client "192.168.245.77", "PORT 192,168,245,77,166,116" Wed Jun 23 11:41:07 2010 [pid 6936] [workart] FTP response: Client "192.168.245.77", "200 PORT command successful. Consider using PASV." Wed Jun 23 11:41:07 2010 [pid 6936] [workart] FTP command: Client "192.168.245.77", "LIST" Wed Jun 23 11:41:07 2010 [pid 6936] [workart] FTP response: Client "192.168.245.77", "150 Here comes the directory listing." Wed Jun 23 11:41:07 2010 [pid 6936] [workart] FTP response: Client "192.168.245.77", "226 Directory send OK."
So there is something not working with my pfsense setup, but I'm not sure what it is….any help?