FTP & Ftp Helper - with internal server and internal to external client.
-
Hey Everyone,
I've read through all the posts I could find about FTP and more specifically the new FTP helper. I couldn't find exactly the answer I was looking for.
I understand that presently the documentation is scanty as the primary focus is on development, etc, so I was just wondering how to configure the following.
I have pfSense running on an older computer with 2 interfaces, 1 WAN, 1 LAN, nothing unusual.
On my internal network I have several computers, mostly workstations, but 1 is a *nix server with a private ftp server for some of my friends.
I have added the necessary NAT/Firewall rules, and previously this seemed to work. However then I had problems with internal FTP clients connecting to external servers. With the new per interface FTP Helper I messed with various settings - both enabled, only WAN or only LAN enabled, both disabled - it only seemed to work with both disabled in PASSIVE mode only. ACTIVE mode would just fail. Recently, with pfSense version 0.96.2 I decided to try messing with it again. Now if I enable the helper on both interfaces I can connect to external clients in ACTIVE mode!! Now that's great, but now however it seems nobody can connect to my internal server.
It seems I have two helpers running:
# ps aux | grep pftpx proxy 711 0.0 0.8 1276 936 ?? Ss 5:53PM 0:00.06 /usr/local/sbin/pftpx -c 8021 -g 8021 <pfsense-ip>proxy 843 0.0 0.8 1276 916 ?? SNs 5:53PM 0:00.02 /usr/local/sbin/pftpx -f <ftp-server-ip>-b <wan-ip>-c 21 -g 21</wan-ip></ftp-server-ip></pfsense-ip>Perhaps this is causing the problem?
Anyway, I would like to be able to use internal clients in ACTIVE mode, and to allow connections to my internal server. Is this possible, and if so, what settings do I need to use?
Thanks for you help!!! ;D
Superman