Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

VIP & FTP problem

Routing and Multi WAN

1

1

1912

Log in to reply

M
MadX last edited by

Hello

I have 4 nic's, my pfsense ip is xxx.xxx.xxx.130

WAN (xxx.xxx.xxx.130/26, Gateway : xxx.xxx.xxx.129, FTP Helper enable)
|
LAN (192.168.2.1/24)
|
OPT1 (bridged with WAN)
|
OPT2 (LAN2, 192.168.1.1/24, FTP Helper enable)

In my log
pftpx[439]: listening on 127.0.0.1 port 8022
pftpx[431]: listening on 127.0.0.1 port 8021

I have a VIP xxx.xxx.xxx.170 using CARPS and a NAT 1:1 (xxx.xxx.xxx.170 ->192.168.1.1)

My rules :
On WAN
TCP * 21 (FTP) 192.168.1.1 * *

On OPT2 i have set this rule:
TCP * * * 21 (FTP) *

On my PC 192.168.1.1, when i start a ftp client (in passive mode) i can connect but i can not list directory.
In FileZilla if i set the ports range 6500-6505 and if i add a rule on OPT2:
TCP * 8000 - 8005 * * *
Everything works.

My problem we have a application that use ftp to send files but we can not set the port range, i don't want to add a rule on OPT2 that permit all outbound traffic from 192.168.1.1 to external.

Is there an other solution ?

Thanks
1 Reply Last reply
Reply Quote 0

1 / 1