Date: Sun, 23 May 2004 10:29:07 -0400 From: Bart Silverstrim <bsilver@chrononomicon.com> To: "Andri Kok" <freebsd_list@hotmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: FTPD & SSHD server Message-ID: <8C857FDA-ACC5-11D8-B60B-000A956D2452@chrononomicon.com> In-Reply-To: <BAY19-F7Ur3CrJRxKZM00000c8c@hotmail.com> References: <BAY19-F7Ur3CrJRxKZM00000c8c@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On May 23, 2004, at 10:04 AM, Andri Kok wrote: > Hello fellas, > > I have FTPD and SSHD running. The way enabled it was by uncommenting > lines in inetd.conf. Now, If I access it from the outside (school's > lab to my home computer, we have static IP) it works. But If my > friends try to access it from the local network, it doesn't work > (Using windows). I set up my server using a DHCP assigned IP address > (C class), and the router that I use is the default router from my > adsl modem. Should I use the server as the gateway as well? > suggestions? TIA guys =) > You mean if your friends try accessing the server from the *internal* network it won't let them, but from the outside world going into the server it works fine? A) Did you verify the IP address they are connecting to is the actual internal IP the server has? B) Is the server set to reject certain IP addresses from accessing those services? C) What do the logs have to say about the connection attempts? If *I* were setting it up, I'd advise not having the server set up using DHCP internally. Set the server system to a static IP outside of the router's DHCP range, then make sure the port forwarding on the router is set up properly to forward those protocols to the internal server's static IP address. Only the router would be the gateway, as it is what is handling the routing of packets to the Internet (Unless you're setting up your BSD system to act as a proxy server with something like Squid...but I think that's outside the scope of your question :-) I've seen this setup several times...you have a static IP as seen from the Internet (actually it hits a router/NAT/soho device just behind the cable modem or DSL modem); that device is set to forward certain services to internal machines. Those machines should have static addresses to prevent the server from "wandering" if the DHCP address changes for some reason. Leave the DHCP to be sent to visiting machines and non-server workstations on the internal network...if you don't have a reason for them to constantly keep the IP, then they're a candidate for DHCP (advice? Don't do it unless you have notebook PCs. Home and small networks usually don't present such a management quagmire that it's too difficult to keep static IPs on them. I personally have my internal computers set to static IPs with a DHCP server handing out only a narrow number of IPs for the visiting laptops I use from work and the occasional playing with the PDA with wireless access...it's much easier to see if another system is hopping the network when an "alien" MAC address shows up in the logs; that's just my personal take on it though). Hope that helps...if you can, try posting errors from the server logs if the above suggestions don't help you. -Bart
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8C857FDA-ACC5-11D8-B60B-000A956D2452>