Ftp behind firewall/nat
Dick Hoogendijk
dick at nagual.st
Tue Feb 1 01:15:20 PST 2005
On 31 Jan eric wyzerski wrote:
> The solution is to explicitly tell your FTP server what to report as its
> IP address, and give it a range of ports to give out as well.
> unix-server configuration file as follows: passive ports
> 0.0.0.0/0 32768 49151
> passive address your.pub.IP.addr 0.0.0.0/0
>
> At the time of writing, it's been reported that Microsoft IIS's FTP
> server is not capable of being configured this way.
> so, my problem exactly this: the client try to connect to 10.1.1.6 and
> not my external IP address. guess what? Im using IIS ftp server (I
> cant use anything else), so does there is a way to resolve this
> problem on doing something on the routeur (ipnat)?
Only "solution" is open all your high incoming ports. You don't want
that of course ;-)
There is NO other way PASS can be handled or redirected. You *need* to
know beforehand which ports exactly will be opened.
Aks microsoft why they won't support this feature. They are moving into
a more secure OS (at least they say they are..)
--
dick -- http://nagual.st/ -- PGP/GnuPG key: F86289CE
++ Running FreeBSD 4.11 ++ FreeBSD 5.3
+ Nai tiruvantel ar vayuvantel i Valar tielyanna nu vilja
More information about the freebsd-questions
mailing list