I am new to m0n0wall and really like its features. I have set up a test
box and have been having trouble with configuring an FTP server in the
I have three interfaces:
The FTP Server is in the DMZ and has a private 10.0.0.200 address
I have 5 public static IP addresses; for this example I will use 172.16.10.10.
I have created a Server NAT rule for that IP address 172.16.10.10. I
also have a proxy ARP entry for the external ip address, which is
different to answer ARP requests.
I have created an INBOUND NAT rule (and auto generated firewall rule)
of the following:
ExtPort Range: 1-65000
NATIP 10.0.0.200 (ext: 172.16.10.10)
Int Port Range: 1-65000
I know this is opening up the DMZ way too much, but I am just trying
to test this out.
From an outside Internet connection I can connect to the FTP and when
it issues the PASV command, it then stalls..... Here is the output
from the client:
[root@localhost root]# ftp -v -d 172.16.10.10
Connected to 172.16.10.10 (172.16.10.10).
220 FTP server at 10.0.0.200 ready.
Name (172.16.10.10:root): admin
---> USER admin
331 Password please.
---> PASS XXXX
230 User logged in.
215 UNIX Type: L8
Remote system type is UNIX.
Using binary mode to transfer files.
227 Entering Passive Mode (10,0,0,200,4,92)
ftp: connect: Connection timed out
I cannot get any file listing....
I do have a firewall rule which allows all traffic from the DMZ->
OUTSIDE. From the FTP server I can surf out onto the Internet.
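
The 227 reply in the session above encodes the address and port the client is told to open its data connection to. The following is an added example, not part of the original post, that decodes such replies and compares the advertised address with the address the control connection was made to; the function names are hypothetical and the second sample reply is constructed for comparison.

```python
import ipaddress
import re

# RFC 959 passive reply: "227 ... (h1,h2,h3,h4,p1,p2)"
PASV_RE = re.compile(r"^227 .*?\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)")

def parse_pasv(line):
    """Return (IPv4Address, port) from a 227 reply, or None if the line is not one."""
    m = PASV_RE.match(line.strip())
    if not m:
        return None
    nums = [int(x) for x in m.groups()]
    if any(n > 255 for n in nums):
        return None  # malformed octet or port byte
    host = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    port = nums[4] * 256 + nums[5]  # port = p1 * 256 + p2
    return host, port

def diagnose(transcript, control_peer):
    """Decode every 227 reply and flag data addresses that differ from the control peer."""
    peer = ipaddress.IPv4Address(control_peer)
    findings = []
    for line in transcript.splitlines():
        parsed = parse_pasv(line)
        if parsed is None:
            continue
        host, port = parsed
        findings.append({
            "data_host": str(host),
            "data_port": port,
            # The client dials data_host directly; if it is not the address the
            # control connection reached, the NAT did not rewrite the reply.
            "mismatch": host != peer,
            "private": host.is_private,
        })
    return findings

# First reply is from the session in the post; the second is constructed to show
# what the client would see if the reply carried the external address instead.
SAMPLE = """\
230 User logged in.
227 Entering Passive Mode (10,0,0,200,4,92)
227 Entering Passive Mode (172,16,10,10,4,92)
"""

if __name__ == "__main__":
    for f in diagnose(SAMPLE, "172.16.10.10"):
        print(f)
```
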