Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    FTP passive problems connecting to an outside server

    Scheduled Pinned Locked Moved General pfSense Questions
    2 Posts 2 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      nublaii
      last edited by

      We have a simple setup, with a couple of servers.

      We are having sporadic problems connecting to external ftp servers while using passive ftp.

      It works most of the time but we get random disconnections and when it starts to break I notice the filter.log starts to log these lines:

      
      Sep  5 11:26:50 firewall02 pf:     10.0.99.100.52833 > 213.37.140.XXX.1112: Flags [s], cksum 0x9295 (correct), seq 3033110053, win 5840, options [mss 1460,sackOK,TS val 1946081 ecr 0,nop,wscale 6], length 0
      Sep  5 11:26:53 firewall02 pf:     10.0.99.100.52833 > 213.37.140.XXX.1112: Flags [s], cksum 0x8fa7 (correct), seq 3033110053, win 5840, options [mss 1460,sackOK,TS val 1946831 ecr 0,nop,wscale 6], length 0
      Sep  5 11:26:59 firewall02 pf:     10.0.99.100.52833 > 213.37.140.XXX.1112: Flags [s], cksum 0x89cb (correct), seq 3033110053, win 5840, options [mss 1460,sackOK,TS val 1948331 ecr 0,nop,wscale 6], length 0
      
      (I changed the XXX on the target IP)
      
      We are using the latest snapshot on i386 architecture and we have 3 interfaces, WAN, LAN and OPT1 for CARP... we are not using vlan or multiwan so the setup is faily straight forward...
      
      I've seen a bunch of post more or less related to these issues, but none that I could find are conclusive...
      
      Any ideas? How can I start troubleshooting this? The target ftp server is out of bounds, as far as debugging goes, and trying from home the connections works perfectly.[/s][/s][/s]
      
      1 Reply Last reply Reply Quote 0
      • E
        eri--
        last edited by

        Policy routing breaks this at times.
        Though it depends even on what snap you ar eon.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.