4. NAT and FTPS problem

NAT and FTPS problem

  • T

    Hi everybody.

    I encounter some problems with FTPS (secured FTP) and my 2 pfsense appliances (CARP and failover configured in 2.0-RC1).

    My FTP server is in DMZ (with a 10.151.X.X address) and I have published my FTP server in NAT rules.
    I have redirected 20,21,989 and 990 ports to my FTP server (all incoming traffic in my CARP public address with well-known destination ports will be redirected to 10.151.0.251).

    Simple FTP works like a charm in my public adress but when i try to connect with SSL/TLS encryption, i got an error (425 : can't open data connection).
    Filezilla client could download certificate and connect but i get stuck when I parse remote directory…

    I have setup wireshark to find the problem.

    In fact, when i connect to my public address, i could download and connect to my FTP server with SSL/TLS through NAT...
    But when my certificate is installed, filezilla want's to connect to my 10.151.0.251 private IP address (which is unknown in public networks...)

    I think that i must configure my PFSense applicances to deliver certificate instead of my FTP server.

    Does some people have the same problem?

    I have join a visio diagram to see my IT infrastructure :
    http://img819.imageshack.us/i/infrastructuresifuturlo.jpg/

    Sorry for mistakes (i'm a french engineer)

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy