[ previous ] [ next ] [ threads ]
 
 From:  "Ron Carter" <wcarterjr at earthlink dot net>
 To:  "Chris K Ellsworth" <ckellsworth at yahoo dot com>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] FTP server behind monowall
 Date:  Sun, 1 Oct 2006 16:43:21 -0400 
I have been running cerberus ftp for windows for years now.  It works great 
behind monowall.  I have had no problems.  I give it high priority due to 
how I use it.  I be gave to share how I have ti setup with a tech tips doc. 
Let me know.
RC
----- Original Message ----- 
From: "Chris K Ellsworth" <ckellsworth at yahoo dot com>
To: <m0n0wall at lists dot m0n0 dot ch>
Sent: Sunday, October 01, 2006 4:29 PM
Subject: Re: [m0n0wall] FTP server behind monowall


>i have found the same answers. allways leave it to microsoft to  descide to 
>leave something out.
>
> checkout filezilla.sf.net  is a nice ftp server and client.
>
> chris
>
> On Oct 1, 2006, at 1:11 PM, Bryan K. Brayton wrote:
>
>> I'm not so sure that's configurable on IIS.  Every answer I've ever  seen 
>> to that question is "it's by design, your NAT router should be  rewriting 
>> FTP PASV responses".
>>
>> Never mind that if you encrypt the ftp data or run your ftp server  on 
>> non-standard ports, then that approach won't work either.
>>
>> You may want to start looking at other FTP software and forgetting  that 
>> IIS even has an FTP component.
>>
>> -Bryan
>>
>> ________________________________
>>
>> From: Jimmy Bones (Mhottie) [mailto:mhottie at gmail dot com]
>> Sent: Sun 10/1/2006 3:36 PM
>> To: Chris K Ellsworth
>> Cc: Kimmo Jaskari; m0n0wall at lists dot m0n0 dot ch
>> Subject: Re: [m0n0wall] FTP server behind monowall
>>
>>
>>
>> I've been googling for about an hour... I don't know if my mind is  just 
>> shot
>> this weekend, or if it's really just that hard to find. It has to  be a 
>> key
>> to add, since I searched the entire registry also for strings/data and
>> couldn't find anything.
>>
>> If anyone can help this would save me, and from what I see, MANY  others 
>> a
>> lot of headache.
>>
>> Thanks.
>>
>> On 10/1/06, Chris K Ellsworth <ckellsworth at yahoo dot com> wrote:
>>>
>>> IIRC its in the registry, you might have 2 google alittle for it.
>>>
>>> On Oct 1, 2006, at 12:07 PM, Jimmy Bones (Mhottie) wrote:
>>>
>>>> I've been ripping my hair out over this also... it seems that IIS
>>>> has no
>>>> option (that I know of yet) to set what external IP to answer with
>>>> in the
>>>> passive answer. The internal server is on a 192.x.x.x address,  and has
>>>> server nat forwarding port 21 to it.
>>>>
>>>> IIS responds with it's internal ip address in the passive command
>>>> exchange.
>>>>
>>>> How can you set in IIS via script or registry the external IP addr?
>>>> I am
>>>> either not searching for the right info, or it's just not there.
>>>>
>>>> -J
>>>>
>>>> On 9/10/06, Kimmo Jaskari <kimmo dot jaskari at gmail dot com> wrote:
>>>>>
>>>>> On 9/10/06, Christopher M. Iarocci <iarocci at eastendsc dot com> wrote:
>>>>>
>>>>>> This server does not work as it should, and it is not because of
>>>>> your
>>>>>> firewall, but because of your server config. Your server is  clearly
>>>>>> passing it's own IP back to the client. It should not be doing
>>>>> that.
>>>>>> Your firewall does not do that, the server does. I'm not
>>>>> familiar with
>>>>>
>>>>> Quote from the Filezilla server documentation (or faq, don't
>>>>> remember):
>>>>>
>>>>> --
>>>>> Further you have to allow a port range for incoming connections for
>>>>> passive mode transfers. You can specify this port range on the
>>>>> "passive mode settings" page in the settings dialog in the server
>>>>> interface. In most cases, a range like 5000-5100 is sufficient.  With
>>>>> certain firewalls, it may be possible that FileZilla can't
>>>>> determinate
>>>>> the external IP address. In this case you have to enter the IP
>>>>> address
>>>>> (or your host name) on the passive mode page in the settings  dialog.
>>>>> --
>>>>>
>>>>> You are opening a lot of ports needlessly for passive. A hundred
>>>>> would
>>>>> be enough for all but very active servers. I use 20 for my home box
>>>>> and that's probably overkill.
>>>>>
>>>>> You also need to go to the passive mode page in the settings  dialog,
>>>>> as per the quote above, and enter the external IP or host name of
>>>>> your
>>>>> connection there. If you have a dynamic IP and a DynDNS service set
>>>>> up, put the DynDNS domain name there.
>>>>>
>>>>> You'll need port 21 incoming to forward to the machine with the FTP
>>>>> server and you'll need at least port 20/21 outgoing from it  open; you
>>>>> probably have it all open the way many m0n0wall users do, and  that's
>>>>> fine.
>>>>>
>>>>> --
>>>>> -{ Kimmo Jaskari }--{ kimmo dot jaskari at gmail dot com }--
>>>>>
>>>>> Progress isn't made by early risers. It's made by lazy men  trying to
>>>>> find easier ways to do something.
>>>>>   - Robert Heinlein
>>>>>
>>>>> ------------------------------------------------------------------- 
>>>>> --
>>>>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>>>>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>>>>
>>>>>
>>>
>>>
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>