Could not do active ftp through ipsec vpn (SOLVED)



  • Hi alll,

    i have a problem with an ipsec tunnel between pfsense and a pix.

    when the customer (pix) is trying a ftp transfert in active mode through the IPSEC tunnel, he could not list directories behind pfsense in our lan

    in passive mode it's ok, but his application could only do active ftp…

    any idea ?

    Regards

    JMB



  • If you disable the FTP helper, does that problem go away?



  • hi ,

    no it doesn't help

    regards

    jmb



  • Hi ,

    i have found a solution. I have created a rule to allow ftp from our lan to the lan of our customer like this:

    TCP  <our ftp="" server="" ip="">  *    <customer lan="" net="">  1024 - 65535  *

    hope this could help

    regards

    JMB</customer></our>



  • Oh, well yeah that'd help.  :)  I was assuming you had the proper rules in place and thinking it possibly was a FTP proxy related issue (though VPN subnets are supposed to bypass that, obviously that's working correctly).


Log in to reply