[ previous ] [ next ] [ threads ]
 From:  Lance Mueller <badf00d2 at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Help with FTP
 Date:  Thu, 18 Aug 2005 09:22:05 -0700
I am new to m0n0wall and really like its features. I have setup a test
box and have been having trouble with configuring an FTP server in the

I have three interfaces:

The FTP Server is in the DMZ and has a private address
I have 5 public static IP addresses, for this example I will use

I have created a Server NAT rule for that ip address I
also have a proxy ARP entry for the external ip address, which is
different to answer ARP requests.

I have created a INBOUND NAT rule (and auto generated firewall rule)
of the following:

ExtPort Range: 1-65000
NATIP (ext:
Int Port Range: 1-65000

I know this is opening up the DMZ way too much, but I am just trying
to test this out.

From an outside Internet connecting I can connect to the FTP and when
it issues the PASV command, it then stalls..... Here is the output
from the client:

[root@localhost root]# ftp -v -d
Connected to (
220 FTP server at ready.
Name ( admin
---> USER admin
331 Password please.
230 User logged in.
---> SYST
215 UNIX Type: L8
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
---> PASV
227 Entering Passive Mode (10,0,0,200,4,92)
ftp: connect: Connection timed out

I cannot get any file listing....

I do have a firewall rule which allows all traffic from the DMZ->
OUTSIDE. From the FTP server I can surf our onto the Internet.

Any ideas?