Unable to transfer data in FTP Active mode from an FTP server behind pfsense



  • Hi guys,
    I'm really confused with what occurs on my setting: I don't understand why the FTP active mode doesn't work with my pfsense box.
    First, my config:

    The client connects to port 21 on our public IP and it is NATed to port 21 of our internal FTP server (FileZilla FTP server).

    Then the behaviour:

    In passive mode, the FTP server is set up to use a range of high TCP ports. These ports are opened and forwarded to the FTP server. This works properly, as expected. The client can get and put files.

    In active mode, the client can authenticate and send the IP/destination port the server has to connect to in order to establish the data channel. At this moment, the FTP server logs "unable to open data port".
    At the beginning, we blamed the client NAT settings. But the same client can make active FTP transfers with some other FTP servers.

    I checked the outgoing rules from the LAN interface, but there is nothing but just one rule that allows everything to go through. The bad part is that the log of the pfsense doesn't really help.

    I just can't understand why the active FTP is failing.

    Many thanks for your precious help on this topic!

    /R


  • Banned

    Congratulations on starting the 999th duplicate of the same topic. Missed the jackpot just by one…

    https://doc.pfsense.org/index.php/FTP_without_a_Proxy
    http://www.slacksite.com/other/ftp.html
    https://forum.pfsense.org/index.php?action=search



  • Damned! So close!
    I did some research first before posting this topic. The ftp_without_a_proxy link said:

    A server behind pfSense would work fine with active mode, there would be no difference here. In active mode the server would make outbound connections back to the client, so as long as the firewall rules on the interface containing the server allow outbound connections, it will work.

    As I have the default outbound rule, I just don't understand why the outgoing FTP server connection seems to fail.

    Anyway, I will try harder!
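
The active-mode step described in the first post (the client sends an IP and port, and the server connects back to it) can be checked from the server side by decoding the client's PORT argument. This is an added example, not part of the original thread; the sample events are constructed, and `decode_port`, `check_target` and `analyze` are hypothetical helper names.

```python
import ipaddress
import re

# PORT h1,h2,h3,h4,p1,p2 (RFC 959): four address octets, then port = p1*256 + p2
PORT_RE = re.compile(r"\bPORT\s+(\d{1,3}(?:,\d{1,3}){5})\b", re.IGNORECASE)

# Ranges an Internet-facing server cannot connect back to
NON_ROUTABLE = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "100.64.0.0/10", "127.0.0.0/8", "169.254.0.0/16")]

def decode_port(line):
    """Return (ip, port) advertised by a PORT command in `line`, or None."""
    m = PORT_RE.search(line)
    if not m:
        return None
    nums = [int(n) for n in m.group(1).split(",")]
    if any(n > 255 for n in nums):
        return None  # malformed argument
    ip = ipaddress.IPv4Address(".".join(map(str, nums[:4])))
    return ip, nums[4] * 256 + nums[5]

def check_target(ip, port, control_peer):
    """List reasons the server's outbound data connection may fail."""
    findings = []
    if any(ip in net for net in NON_ROUTABLE):
        findings.append(f"{ip} is not publicly routable (client-side NAT left the address unrewritten)")
    if ip != ipaddress.IPv4Address(control_peer):
        findings.append(f"{ip} differs from control-connection peer {control_peer}")
    if port < 1024:
        findings.append(f"port {port} is privileged; some servers refuse it")
    return findings

def analyze(events):
    """events: (control-connection peer IP, raw command) pairs."""
    results = []
    for peer, cmd in events:
        decoded = decode_port(cmd)
        if decoded:
            ip, port = decoded
            results.append((str(ip), port, check_target(ip, port, peer)))
    return results

# Constructed sample: peer address as the server sees it, and the command received
SAMPLE = [("198.51.100.23", "PORT 192,168,1,50,195,80"),
          ("198.51.100.23", "PORT 198,51,100,23,195,80"),
          ("198.51.100.23", "PASV")]

if __name__ == "__main__":
    for ip, port, findings in analyze(SAMPLE):
        print(ip, port, findings or "no findings")
```

An entry with no findings only means the advertised target looks reachable; the server's outbound connection to it still has to be allowed by the firewall rules on the server's interface.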

