FTP from LAN side to WAN side



  • I have 1.0.1 with NAT turned on

    WAN side (10.253.3.1) and a gateway of 10.253.3.254

    LAN side (10.253.1.1) with some static routes pointing to the gateway (10.253.1.254)

    On the LAN side there is a machine with an address of 172.16.1.196

    On the WAN side there is a machine with an address of 10.245.0.72

    All the routing is correct and they both see each other fine.

    172.16.1.196 can ping 10.245.0.72 and vice versa.

    172.16.1.196 can SSH into 10.245.0.72 and vice versa.

    THE THING IS….

    172.16.1.196 cannot FTP into 10.245.0.72

    BUT..

    10.245.0.72 can FTP into 172.16.1.196

    When 172.16.1.196 attempts to FTP into 10.245.0.72 running tcpdump, I see the traffic making it to the LAN interface but never getting to the WAN interface.

    This is with FTP-Proxy application  ENABLED and DISABLED on BOTH INTERFACES with each FTP test.

    What am I doing wrong?  ???  :'(

    UPDATE:

    I made sure FTP-Proxy application was disabled from BOTH interfaces WAN and LAN. Now 172.16.1.196 can FTP to 10.245.0.72 but the ftp client is getting this via tcpdump

    :02:01.156678 IP 10.253.3.1.54114 > 10.245.0.72.ftp: P 34:59(25) ack 98 win 65438
            0x0000:  4500 0041 ed83 4000 7b06 f8f8 0afd 0301  E..A..@.{…....
            0x0010:  0af5 0048 d362 0015 97f0 0838 afc4 f19a  ...H.b.....8....
            0x0020:  5018 ff9e e17f 0000 504f 5254 2031 3732  P.......PORT.172
            0x0030:  2c31 362c 332c 3134 392c 382c 3130 330d  ,16,3,149,8,103.
            0x0040:  0a                                      .
    15:02:01.157009 IP 10.245.0.72.ftp > 10.253.3.1.54114: P 98:125(27) ack 59 win 5840
            0x0000:  4500 0043 4d6c 4000 4006 d40e 0af5 0048  E..CMl@.@......H
            0x0010:  0afd 0301 0015 d362 afc4 f19a 97f0 0851  .......b.......Q
            0x0020:  5018 16d0 35a3 0000 3530 3020 496c 6c65  P...5...500.Ille
            0x0030:  6761 6c20 504f 5254 2063 6f6d 6d61 6e64  gal.PORT.command
            0x0040:  2e0d 0a                                  ...
    15:02:01.207906 IP 10.253.3.1.54114 > 10.245.0.72.ftp: P 59:74(15) ack 125 win 65411
            0x0000:  4500 0037 578c 4000 7b06 8efa 0afd 0301  E..7W.@.{.......
            0x0010:  0af5 0048 d362 0015 97f0 0851 afc4 f1b5  ...H.b.....Q....
            0x0020:  5018 ff83 f288 0000 5354 4f52 2074 6573  P.......STOR.tes
            0x0030:  742e 7478 740d 0a                        t.txt..
    15:02:01.207959 IP 10.245.0.72.ftp > 10.253.3.1.54114: P 125:154(29) ack 74 win 5840
            0x0000:  4500 0045 4d6e 4000 4006 d40a 0af5 0048  E..EMn@.@......H
            0x0010:  0afd 0301 0015 d362 afc4 f1b5 97f0 0860  .......b.......
            0x0020:  5018 16d0 3857 0000 3432 3520 5573 6520  P...8W..425.Use.
            0x0030:  504f 5254 206f 7220 5041 5356 2066 6972  PORT.or.PASV.fir
            0x0040:  7374 2e0d 0a                            st...
    15:02:01.421334 IP 10.253.3.1.54114 > 10.245.0.72.ftp: . ack 154 win 65382
            0x0000:  4500 0028 bfee 4000 7b06 26a7 0afd 0301  E..(..@.{.&.....
            0x0010:  0af5 0048 d362 0015 97f0 0860 afc4 f1d2  ...H.b.........
            0x0020:  5010 ff66 81d3 0000 8c4b 13db eb95      P..f.....K...

    I don't have the ability to test the connection myself and I have to have someone else do it because it is a system (172.16.1.196) we do not own ourselves.  The person said they tried passive mode but it still gave the same error.  Any ideas?

    !!UPDATED!!

    The people trying to FTP got it to work. I believe I was talking to a moron yesterday and when I asked him to try PASSIVE MODE he stated he did and it was still giving him that error message.  Therefore making me believe I was crazy and it was some problem to where I had nowhere to troubleshoot from.  The true contact came back today from holiday and told me FTP was working and everything is fine now.  Please everyone! DOCUMENT!! and if you think you know what you're talking about when you're helping your coworker fix a problem while he is out on vacation. DON'T!! Also please do not be a punter and punt because it makes you look like an idiot. Thank you and good day.
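Added example, not part of the original post: it decodes the PORT command visible in the capture (RFC 959 `h1,h2,h3,h4,p1,p2` form) and applies the address-match and low-port checks that RFC 2577 recommends against FTP bounce. That such a check produced the `500 Illegal PORT command` reply here is an assumption; `check_port`, `min_port` and the reply codes it returns are hypothetical names and values chosen for illustration.

```python
import ipaddress
import re

# Constructed from the capture on this page: the control connection arrives
# from the NAT'd WAN address, while the PORT payload carries a private address.
CONTROL_PEER = "10.253.3.1"
PORT_LINE = b"PORT 172,16,3,149,8,103\r\n"

PORT_RE = re.compile(rb"^PORT (\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\r\n$")


def parse_port(line):
    """Decode an RFC 959 PORT argument h1,h2,h3,h4,p1,p2 into (ip, port)."""
    m = PORT_RE.match(line)
    if not m:
        raise ValueError("not a well-formed PORT command")
    fields = [int(x) for x in m.groups()]
    if any(f > 255 for f in fields):
        raise ValueError("PORT field out of range")
    ip = ipaddress.IPv4Address(".".join(map(str, fields[:4])))
    port = fields[4] * 256 + fields[5]  # high byte, low byte
    return ip, port


def check_port(line, control_peer, min_port=1024):
    """Hypothetical server-side policy: return (reply_code, reason)."""
    try:
        ip, port = parse_port(line)
    except ValueError as exc:
        return 501, str(exc)
    # Anti-bounce rule: only connect back to the host that owns the control channel.
    if ip != ipaddress.IPv4Address(control_peer):
        return 500, f"PORT address {ip} differs from control peer {control_peer}"
    # Refuse data connections to well-known service ports.
    if port < min_port:
        return 500, f"PORT {port} is below {min_port}"
    return 200, f"data connection to {ip}:{port} accepted"


if __name__ == "__main__":
    print(parse_port(PORT_LINE))
    # As captured: private address inside the payload, NAT'd address on the wire.
    print(check_port(PORT_LINE, CONTROL_PEER))
    # What the payload would look like if the address matched the control peer.
    print(check_port(b"PORT 10,253,3,1,8,103\r\n", CONTROL_PEER))
```

Passive mode avoids this mismatch because the client opens the data connection outbound and never sends its own address in the control channel.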

