VIP & FTP problem
Hello
I have 4 NICs; my pfSense IP is xxx.xxx.xxx.130
WAN (xxx.xxx.xxx.130/26, Gateway: xxx.xxx.xxx.129, FTP Helper enabled)
|
LAN (192.168.2.1/24)
|
OPT1 (bridged with WAN)
|
OPT2 (LAN2, 192.168.1.1/24, FTP Helper enabled)
In my log:
pftpx[439]: listening on 127.0.0.1 port 8022
pftpx[431]: listening on 127.0.0.1 port 8021
I have a VIP xxx.xxx.xxx.170 using CARP and a NAT 1:1 (xxx.xxx.xxx.170 -> 192.168.1.1)
My rules:
On WAN
TCP * 21 (FTP) 192.168.1.1 * *
On OPT2 I have set this rule:
TCP * * * 21 (FTP) *
On my PC 192.168.1.1, when I start an FTP client (in passive mode) I can connect but I cannot list the directory.
In FileZilla, if I set the port range 6500-6505 and if I add a rule on OPT2:
TCP * 8000 - 8005 * * *
Everything works.
My problem: we have an application that uses FTP to send files, but we cannot set the port range. I don't want to add a rule on OPT2 that permits all outbound traffic from 192.168.1.1 to external.
Is there another solution?
Thanks