I am new to m0n0wall and really like its features. I have set up a test box and have been having trouble with configuring an FTP server in the DMZ.

I have three interfaces: WAN, LAN, DMZ.

The FTP server is in the DMZ and has a private 10.0.0.200 address. I have 5 public static IP addresses; for this example I will use 172.16.10.10.

I have created a Server NAT rule for that IP address 172.16.10.10. I also have a proxy ARP entry for the external IP address, which is different to answer ARP requests.

I have created an INBOUND NAT rule (and auto generated firewall rule) of the following:

    IF: WAN
    Proto: TCP
    ExtPort Range: 1-65000
    NATIP: 10.0.0.200 (ext: 172.16.10.10)
    Int Port Range: 1-65000
    Desc: FTP

I know this is opening up the DMZ way too much, but I am just trying to test this out.

From an outside Internet connection I can connect to the FTP server, and when it issues the PASV command, it then stalls.....

Here is the output from the client:

    [root@localhost root]# ftp -v -d 172.16.10.10
    Connected to 172.16.10.10 (172.16.10.10).
    220 FTP server at 10.0.0.200 ready.
    Name (172.16.10.10:root): admin
    ---> USER admin
    331 Password please.
    Password:
    ---> PASS XXXX
    230 User logged in.
    ---> SYST
    215 UNIX Type: L8
    Remote system type is UNIX.
    Using binary mode to transfer files.
    ftp> ls
    ---> PASV
    227 Entering Passive Mode (10,0,0,200,4,92)
    ftp: connect: Connection timed out

I cannot get any file listing....

I do have a firewall rule which allows all traffic from the DMZ -> OUTSIDE. From the FTP server I can surf out onto the Internet.

Any ideas?

thanks,
-lance-
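Added example, not part of the original post: a small Python check that decodes the 227 reply from the client output above (RFC 959 format h1,h2,h3,h4,p1,p2, port = p1*256 + p2) and compares the advertised data address with the address used for the control connection. The function names `parse_pasv` and `check_session` are illustrative.

```python
import ipaddress
import re

# Six comma-separated numbers of a 227 reply: h1,h2,h3,h4,p1,p2 (RFC 959).
PASV_RE = re.compile(
    r"^227 .*?(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")


def parse_pasv(reply):
    """Return (ip, port) advertised in a 227 reply, or raise ValueError."""
    m = PASV_RE.match(reply.strip())
    if not m:
        raise ValueError("not a 227 passive-mode reply: %r" % reply)
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("octet out of range in %r" % reply)
    ip = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    return ip, nums[4] * 256 + nums[5]


def check_session(control_host, transcript):
    """Compare each 227 reply's data address with the control address."""
    control_ip = ipaddress.IPv4Address(control_host)
    findings = []
    for line in transcript.splitlines():
        line = line.strip()
        if not line.startswith("227 "):
            continue
        ip, port = parse_pasv(line)
        findings.append({
            "data_ip": str(ip),
            "data_port": port,
            "matches_control": ip == control_ip,
        })
    return findings


# Lines copied from the client output in the post above.
TRANSCRIPT = """\
---> PASV
227 Entering Passive Mode (10,0,0,200,4,92)
ftp: connect: Connection timed out
"""

if __name__ == "__main__":
    for f in check_session("172.16.10.10", TRANSCRIPT):
        note = "ok" if f["matches_control"] else "differs from control address"
        print("data endpoint %s:%d -> %s" % (f["data_ip"], f["data_port"], note))
```

For the session above, the client is told to open its data connection to 10.0.0.200 port 1116, the server's DMZ address, not the 172.16.10.10 address it reached the control connection on.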