FTP



  • I am having problems with FTP port forward,  I have tried almost everything that was written here but haven't got any success as I would like to,
    Lets be straight it does work on PORT mode, but doesn't on passive mode (strange huh).
    The firewall version is: 1.2 Beta 2

    The only way that it does work in Passive and Active mode are the following settings:
    1. On the WAN side on FTP helper it is not marked on "Disable the userland FTP-Proxy application"
    2. On NAT Port forward settings:

    NAT rule one: WAN… TCP....21 (FTP).... 10.0.0.1...(ext.: my pppoe IP,as like interface Address)... 21 (FTP)
    NAT rule two: WAN... UDP... 20.............  10.0.0.1...(ext.: my pppoe IP,as like interface Address)... 20

    Firewall Rules (WAN side)

    Rule one:  UDP...... ....... * ........10.0.0.1....... 20 .......
    Rule Two :  TCP...... * .......* .........WAN address........ 21 (FTP)...... *

    Only that way it connects to my FTP server on Active and Passive mode and I am able to view and download/upload files.

    now here comes the problem that I have.

    In my FTP software it shows from what IP the client is connecting, when I set it like the rules you see above it shows like the client is connecting from wan address IP, (not his real IP) I have no clue if it is one of my friends or people that allow to connect to the FTP server or a hacker starting to crack passwords that I do need to block his IP from entering the FTP server.

    does anyone have a clue what to do?





  • Well i did follow that link but it wasnt sucsessfull…



  • i'm using 1.01 and did exactly what was written here http://wiki.pfsense.com/wikka.php?wakka=FTPTroubleShooting and it works fine. double check your settings and make sure to remove any ftp related nat / rules before you follow the instructions.



  • Incidentally, at this point, if you're running 1.0.1, you really should be on at least 1.2-Beta-2, especially if you're having problems.


Log in to reply