Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Problem with FTP.

    Firewalling
    6
    12
    4269
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      devoyon last edited by

      I have a server on my lan that want access to an ftp internet server.

      I have allowed on my lan interface tcp/udp port ftp to everybody on internet from all my lan.

      When i do en ftp ftpperso.free.fr (really known ftp server) (i have done the same test with many others providers) it goes out in time out.
      I have a look on the shell console (in the "Filter Logs" section) i have this :

      000000 rule 156/0(match): pass in on sis0: 10.0.10.252.34230 > 127.0.0.1.8021: S 1702847089:1702847089(0) win 5840 <mss 1460,sackok,timestamp[|tcp]="">It is strange that my log show that i want to connect to 127.0.0.1 (the firewall itself ??!!)
      I'm in 1.0.1 release….

      i can add any logs wanted for debugging.

      Best regards
      Guillaume</mss>

      1 Reply Last reply Reply Quote 0
      • H
        hoba last edited by

        Not strange at all. 127.0.0.1 is the ftphelper that dynamically allows traffic at additionally needed ports. Do you have a multiwan setup? Did you try passive or active mode?

        Btw, there is really A LOT of discussion going on about FTP at the forum. I hope you have already searched.

        1 Reply Last reply Reply Quote 0
        • D
          devoyon last edited by

          oups i had a look but you'r post show me that i didn't had a good look, so i searched again.
          I foud this topic that explained me how to disable the pftpx

          http://forum.pfsense.org/index.php/topic,2196.0.html

          Best regards
          Thank you

          1 Reply Last reply Reply Quote 0
          • R
            Ricky last edited by

            How can i enable PASV MODE in pfsense ? …

            Thanks,

            1 Reply Last reply Reply Quote 0
            • H
              hoba last edited by

              The ftp proxy usually does take care of this.

              1 Reply Last reply Reply Quote 0
              • R
                Ricky last edited by

                but if i enable the ftp proxy, nobody can access my ftp.

                1 Reply Last reply Reply Quote 0
                • S
                  sullrich last edited by

                  Which is in stark contrast of everyone else that uses it.  It works out of the box with it enabled.  Check your FTP client settings, etc.

                  1 Reply Last reply Reply Quote 0
                  • L
                    laxplayer last edited by

                    @sullrich:

                    Which is in stark contrast of everyone else that uses it.  It works out of the box with it enabled.  Check your FTP client settings, etc.

                    I am actually have a similar issue with the FTP Helper not working. But I need help with this issue. When an coming connection comes in, the client sets everything up but according to the log files the control channel (tcp/20) is blocked. I have WAN, OPT1, OPT2, and LAN setup where everything but LAN is public IPs. Is the issue that I'm not natting the connection and therefore the FTP proxy is not working? Any help would be greatly appreciated.

                    Thanks,

                    Jeremy

                    1 Reply Last reply Reply Quote 0
                    • J
                      jeroen234 last edited by

                      the ftp proxy is to help with nat
                      don't think it will do somthing if there is no nat

                      1 Reply Last reply Reply Quote 0
                      • H
                        hoba last edited by

                        It's dynamically opening additional ports for the ftp traffic. It's not only helping with NAT.

                        1 Reply Last reply Reply Quote 0
                        • L
                          laxplayer last edited by

                          @hoba:

                          It's dynamically opening additional ports for the ftp traffic. It's not only helping with NAT.

                          So does that mean that NAT is needed or not needed for the FTP proxy to work?

                          Thanks

                          Jeremy

                          1 Reply Last reply Reply Quote 0
                          • H
                            hoba last edited by

                            Don't want to sound rude but please search the forum. The ftp proxy and how to set it up is REALLY described every few lines throughout the forum.

                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post