Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Multiple Public Ips, single Wan and… FTP!

    Scheduled Pinned Locked Moved Firewalling
    3 Posts 3 Posters 2.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      scorpius
      last edited by

      I'd been reading two days around the forum to solve my FTP issue with no luck…
      I tried multiple setups with the same result... passive ftp won't work... but i need it working from inside LAN to the internet and viceversa...
      Actually the best setup I found is:

      Pfsense box 1.2RC3: 1 eth x Wan, 1 eth x Lan
      WAN: single pubblic IP address + 10 VIPS (Proxy ARP)
      LAN: 192.168.16.x/24 class
      1:1 NAT on both 10 VIPS for 10 LAN Ips (10 different server inside)
      No FTP Helper enabled on both LAN and WAN (as it doesn't work with P Arps VIPS)
      Wan and Lan rules to permit data traffic for ftp (manual setups for ftps data ports in range 5000-5500) and of course 21/20 port rules for Wan and Lan

      Active Ftp works from outside to lan, no way to let passive ftp work or to ftp from inside lan to internet..

      Probably my setup is wrong for my needs but i need to allocate multiple wan ips given by my isp.
      I really apprieciate any advice
      thx
      Andrea

      1 Reply Last reply Reply Quote 0
      • M
        Munkee
        last edited by

        I am having the same issue with a similar setup and would love to see an answer to this.

        I have read and tried various solutions with frustrating results.  I believe that pfSense is a very well put together product with the exception of this FTP issue.

        Please someone help.

        1 Reply Last reply Reply Quote 0
        • dotdashD
          dotdash
          last edited by

          There should be no issues with enabling the ftp helper on the LAN interface- the LAN isn't using a Proxy-ARP. Try checking the box to enable ftp helper on the LAN and re-test an outgoing ftp connection.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.