Date: Tue, 1 Feb 2005 10:14:28 +0100 From: Dick Hoogendijk <dick@nagual.st> To: freebsd-questions <freebsd-questions@freebsd.org> Subject: Re: Ftp behind firewall/nat Message-ID: <20050201091428.GA4689@lothlorien.nagual.st> In-Reply-To: <BAY103-F14B8FED09595470529EB46C07C0@phx.gbl> References: <41FEBA23.6090808@locolomo.org> <BAY103-F14B8FED09595470529EB46C07C0@phx.gbl>
next in thread | previous in thread | raw e-mail | index | archive | help
On 31 Jan eric wyzerski wrote: > The solution is to explicitly tell your FTP server what to report as its > IP address, and give it a range of ports to give out as well. > unix-server configuration file as follows: passive ports > 0.0.0.0/0 32768 49151 > passive address your.pub.IP.addr 0.0.0.0/0 > > At the time of writing, it's been reported that Microsoft IIS's FTP > server is not capable of being configured this way. > so, my problem exactly this: the client try to connect to 10.1.1.6 and > not my external IP address. guess what? Im using IIS ftp server (I > cant use anything else), so does there is a way to resolve this > problem on doing something on the routeur (ipnat)? Only "solution" is open all your high incoming ports. You don't want that of course ;-) There is NO other way PASS can be handled or redirected. You *need* to know beforehand which ports exactly will be opened. Aks microsoft why they won't support this feature. They are moving into a more secure OS (at least they say they are..) -- dick -- http://nagual.st/ -- PGP/GnuPG key: F86289CE ++ Running FreeBSD 4.11 ++ FreeBSD 5.3 + Nai tiruvantel ar vayuvantel i Valar tielyanna nu vilja
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050201091428.GA4689>