LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 11-30-2005, 08:35 PM   #1
IBall
Senior Member
 
Registered: Nov 2003
Location: Perth, Western Australia
Distribution: Ubuntu, Debian, Various using VMWare
Posts: 2,088

Rep: Reputation: 61
FTP and SSH server ports


Hi,
I am trying to set up a FTP server, on a machine running Debian Testing.

The server is behind a NAT box.

I understand that I need to open ports 20 and 21 on the firewall, and forward these ports to the server from the NAT box. However, the FTP server only works from within my network, so I assume that I am not doing the NAT port forwarding correctly. When I try to login from an external machine, I can login correctly but I can not transfer any data.

I would also like to allow ssh access to this machine. This would be port 22. It works from within the network, but not from an external machine.

What ports do I need to forward from the NAT box to the server in order for this to work?

If I forward all the ports to the server, everything works correctly, however this is not very secure, so what is a better solution.

Thanks in advance
--Ian
 
Old 12-01-2005, 04:29 AM   #2
nx5000
Senior Member
 
Registered: Sep 2005
Location: Out
Posts: 3,307

Rep: Reputation: 52
Why not launch a sniffer in the LAN and look at a connection initiated from the outside? If you can also put a sniffer on a client (and/or on the outside interface of firewall) , then you will have even more information.

You would know where is your problem for ftp:
-> the client can not reach the data port of the server
-> in case of active ftp, the server is maybe blocked by the firewall : src port 20 (for ftp servers that are standards.. not all) to outside should be opened (to the client only) when an ftp transfer is occuring.
-> in case of passive ftp, maybe the client is blocked by your firewall not opening a port
-> the client tries to connected to your internal IP (192.168.0.1 for example) because your nat is not translating the data in the ftp packet ( the nat has to be ftp aware or worse solution: the server has to send your outside interface IP)

http://slacksite.com/other/ftp.html
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
configuring it as a router ftp, my sql,web server, and open and close ports with masq digitalf Mandriva 1 09-04-2004 04:43 AM
ftp server ports - conntrack kola Linux - Security 6 07-23-2004 07:14 AM
how do i change ports for ftp server Kertais909 Linux - Networking 3 07-21-2004 04:18 AM
Unable to access my ssh server and ftp server from the Internet, but smtp works foxone Linux - Networking 1 05-28-2004 05:17 PM
FTP Server..... opening of ports and all that Daniel Linux - Networking 2 12-12-2002 09:43 AM


All times are GMT -5. The time now is 06:48 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration