4. NAT and FTPS problem

NAT and FTPS problem

  • T

    Hi everybody.

    I encounter some problems with FTPS (secured FTP) and my 2 pfsense appliances (CARP and failover configured in 2.0-RC1).

    My FTP server is in DMZ (with a 10.151.X.X address) and I have published my FTP server in NAT rules.
    I have redirected 20,21,989 and 990 ports to my FTP server (all incoming traffic in my CARP public address with well-known destination ports will be redirected to 10.151.0.251).

    Simple FTP works like a charm in my public adress but when i try to connect with SSL/TLS encryption, i got an error (425 : can't open data connection).
    Filezilla client could download certificate and connect but i get stuck when I parse remote directory…

    I have setup wireshark to find the problem.

    In fact, when i connect to my public address, i could download and connect to my FTP server with SSL/TLS through NAT...
    But when my certificate is installed, filezilla want's to connect to my 10.151.0.251 private IP address (which is unknown in public networks...)

    I think that i must configure my PFSense applicances to deliver certificate instead of my FTP server.

    Does some people have the same problem?

    I have join a visio diagram to see my IT infrastructure :
    http://img819.imageshack.us/i/infrastructuresifuturlo.jpg/

    Sorry for mistakes (i'm a french engineer)

    0
Locked
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy