ftp server behind nat
Hi,
I'm trying to setup a publicly accessible ftp server. My linux box is behind a router doing NAT so in order to allow passive as well as active mode i put the following in my vsftpd.conf: pasv_enable=YES pasv_min_port=65000 pasv_max_port=65534 pasv_address=<my wan ip here> and i also set my router to forward that port range. when i connect to the server from another machine behind my router, all is well; after the PASV command, my server responds with: "entering passive mode my_wan_ip,255,23" (or two similar numbers that denote a port in the 65000-65534 range) however, if i try to connect from the other side of the router, my server repsonds to the PASV command with: "entering passive mode my_wan_ip,117,XX" Why is my server now advertising a port that is not in the range i specified?? Any help would be most appreciated! Thanks, Alan |
Try using DMZ host feature. This setting lets all ports pass through so you need to setup a software firewall in LINUX. Also you need to configure LINUX for a static (fixed) ip address.
|
Do you think I can rule out the possibility that the router is fiddling with the packet as it leaves the lan? It just confuses me that it does what i want locally, but goes haywire when it's got to go beyond the box!
|
All times are GMT -5. The time now is 07:48 AM. |