FTP problem [solved]

PC_Arcade · Dec 14, 2006, 9:16 PM

I inadvertently set my FTP IP address to forward to 192.168.1.21 instead of 192.168.1.100.

I've since changed the rules and diabled then re-enabled the ftp helper, but I now keep getting this error:

Dec 14 21:23:31 	pftpx[40553]: #41 proxy cannot connect to server 192.168.1.21: Host is down
Dec 14 21:23:31 	pftpx[40553]: #41 proxy cannot connect to server 192.168.1.21: Host is down
Dec 14 21:22:54 	pftpx[40553]: #40 proxy cannot connect to server 192.168.1.21: Host is down
Dec 14 21:22:54 	pftpx[40553]: #40 proxy cannot connect to server 192.168.1.21: Host is down
Dec 14 21:22:49 	pftpx[40553]: #39 proxy cannot connect to server 192.168.1.21: Host is down
Dec 14 21:22:49 	pftpx[40553]: #39 proxy cannot connect to server 192.168.1.21: Host is down
Dec 14 21:22:41 	pftpx[40553]: #38 proxy cannot connect to server 192.168.1.21: Host is down
Dec 14 21:22:41 	pftpx[40553]: #38 proxy cannot connect to server 192.168.1.21: Host is down

There are NO references to 192.168.1.21 anywhere in the GUI any more, why is this doing this and how can I get it to correctly default to 192.168.1.100?

Thanks in advance

sullrich · Dec 14, 2006, 10:12 PM

Try rebooting the firewall.

PC_Arcade · Dec 15, 2006, 6:57 PM

Yep that's kind of working.

All connections are showing as coming from 192.168.1.2 as opposed to the connectees IP address.

It's also not allowing files to resume, any ideas why?

sullrich · Dec 15, 2006, 7:12 PM

No afraid not. I try to not think about FTP any more. It's done its fair share of damage to my brain already.

PC_Arcade · Dec 15, 2006, 7:23 PM

:lol: It renders pfSense unusable for me though TBH.

not the resuming, but the fact that connections all show as 192.168.1.2
any ideas on THAT one?

hoba · Dec 15, 2006, 7:34 PM

That's caused by the ftp proxy. There's no workaround other than disabling the proxy and forwarding all needed ports (21 and passive portrange of your server) and making your server aware of it's public IP.

PC_Arcade · Dec 15, 2006, 9:05 PM

Thanks hoba, so if I just forwarrd the relevant ports and diable the ftp helper it should work as I would expect?

Am I right?

hoba · Dec 15, 2006, 9:12 PM

You have to make the server aware of the real public IP as well. Different ftp servers have different mechanisms how to handle this. Check your ftp-servers manpages. But besides this you are correct.

PC_Arcade · Dec 16, 2006, 10:15 AM

All done, IP's reporting as it should :)
Thanks