FTP problem [solved]



  • I inadvertently set my FTP IP address to forward to 192.168.1.21 instead of 192.168.1.100.

    I've since changed the rules and diabled then re-enabled the ftp helper, but I now keep getting this error:

    Dec 14 21:23:31 	pftpx[40553]: #41 proxy cannot connect to server 192.168.1.21: Host is down
    Dec 14 21:23:31 	pftpx[40553]: #41 proxy cannot connect to server 192.168.1.21: Host is down
    Dec 14 21:22:54 	pftpx[40553]: #40 proxy cannot connect to server 192.168.1.21: Host is down
    Dec 14 21:22:54 	pftpx[40553]: #40 proxy cannot connect to server 192.168.1.21: Host is down
    Dec 14 21:22:49 	pftpx[40553]: #39 proxy cannot connect to server 192.168.1.21: Host is down
    Dec 14 21:22:49 	pftpx[40553]: #39 proxy cannot connect to server 192.168.1.21: Host is down
    Dec 14 21:22:41 	pftpx[40553]: #38 proxy cannot connect to server 192.168.1.21: Host is down
    Dec 14 21:22:41 	pftpx[40553]: #38 proxy cannot connect to server 192.168.1.21: Host is down
    

    There are NO references to 192.168.1.21 anywhere in the GUI any more, why is this doing this and how can I get it to correctly default to 192.168.1.100?

    Thanks in advance



  • Try rebooting the firewall.



  • Yep that's kind of working.

    All connections are showing as coming from 192.168.1.2 as opposed to the connectees IP address.

    It's also not allowing files to resume, any ideas why?



  • No afraid not.  I try to not think about FTP any more.  It's done its fair share of damage to my brain already.



  • :lol: It renders pfSense unusable for me though TBH.

    not the resuming, but the fact that connections all show as 192.168.1.2
    any ideas on THAT one?



  • That's caused by the ftp proxy. There's no workaround other than disabling the proxy and forwarding all needed ports (21 and passive portrange of your server) and making your server aware of it's public IP.



  • Thanks hoba, so if I just forwarrd the relevant ports and diable the ftp helper it should work as I would expect?

    Am I right?



  • You have to make the server aware of the real public IP as well. Different ftp servers have different mechanisms how to handle this. Check your ftp-servers manpages. But besides this you are correct.



  • All done, IP's reporting as it should :)
    Thanks


Locked