Connect to Internal FTP Server fail

  • I use Pfsense to work as a gateway and the firewall of a web server, it contain 2 real ip, with 3 network card,
    the connection looks like this:
    eth0: real ip1
    eth1: lan ip address
    opt1: real ip2

    Internet –-- (realip1)Pfsense ----(lan ip) ---- LAN
                                    --(real ip2 at opt1 interface) ---- web server

    I use virtual ip address to set the 2nd real ip address at the opt1 interface, everything works fine, but I cannot connect to the web server using FTP, (the web server also running a ftp server service), so I try to set passive mode port range at the ftp server, and NAT portforward 21 and a range 20000 ~ 20100 to the web server from opt1. But it still not work, when I try to connect to the ftp server, it able to login but stop at the "LIST" command.

    I already tried to enable the ftp helper at opt1(web server's real ip) interface at forward port 21, 20 to the web server, but it still not work.

    So, how can I get the ftp server work in this environment? Thank you.

Log in to reply