NAT and FTPS problem
TomTom49 last edited by
I am encountering some problems with FTPS (secured FTP) and my 2 pfSense appliances (CARP and failover configured in 2.0-RC1).
My FTP server is in the DMZ (with a 10.151.X.X address) and I have published my FTP server in NAT rules.
I have redirected ports 20, 21, 989 and 990 to my FTP server (all incoming traffic on my CARP public address with well-known destination ports will be redirected to 10.151.0.251).
Simple FTP works like a charm on my public address, but when I try to connect with SSL/TLS encryption, I get an error (425: can't open data connection).
The FileZilla client could download the certificate and connect, but I get stuck when I parse the remote directory…
I have set up Wireshark to find the problem.
In fact, when I connect to my public address, I could download and connect to my FTP server with SSL/TLS through NAT...
But when my certificate is installed, FileZilla wants to connect to my 10.151.0.251 private IP address (which is unknown in public networks...)
I think that I must configure my pfSense appliances to deliver the certificate instead of my FTP server.
Do other people have the same problem?
I have attached a Visio diagram showing my IT infrastructure:
Sorry for mistakes (I'm a French engineer)
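
A diagnostic sketch for the symptom described above, added here as an example and not part of the original post: it parses the passive-mode reply (RFC 959 `227`) from a client's FTP message log and flags a reply that advertises an RFC 1918 address while the control connection went to a public one. It assumes the session uses passive mode; the public address `203.0.113.10` and the log lines are constructed, and a NAT device cannot rewrite this reply once the control channel is inside TLS.

```python
import ipaddress
import re

# RFC 959 passive reply: 227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)
PASV_RE = re.compile(r"^227 .*?\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)")

# RFC 1918 private ranges, listed explicitly (assumption: IPv4 only).
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse_pasv(line):
    """Return (host, port) advertised by a 227 reply, or None if not a valid 227."""
    m = PASV_RE.match(line.strip())
    if not m:
        return None
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        return None
    host = ipaddress.ip_address(".".join(str(n) for n in nums[:4]))
    return host, nums[4] * 256 + nums[5]


def check_reply(line, control_peer):
    """Compare the advertised data address with the address the client dialled."""
    parsed = parse_pasv(line)
    if parsed is None:
        return None
    host, port = parsed
    peer = ipaddress.ip_address(control_peer)
    host_private = any(host in net for net in RFC1918)
    peer_private = any(peer in net for net in RFC1918)
    if host == peer:
        verdict = "ok"
    elif host_private and not peer_private:
        verdict = "private-address-leak"  # server advertises its internal address
    else:
        verdict = "address-mismatch"
    return {"host": str(host), "port": port, "verdict": verdict}


if __name__ == "__main__":
    # Constructed sample log lines; 203.0.113.10 stands in for the public address.
    sample = [
        "220 FTP server ready",
        "227 Entering Passive Mode (10,151,0,251,195,80)",
        "227 Entering Passive Mode (203,0,113,10,195,81)",
    ]
    for entry in sample:
        print(entry, "->", check_reply(entry, "203.0.113.10"))
```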