 
 From:  "Nicolas Rainville" <NRainville at pre2post dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  FW: Accessing FTP server behind firewall in Bridge mode
 Date:  Tue, 9 Mar 2004 12:15:37 -0500
Hi everyone,
 
We have a m0n0wall as a firewall with a Windows FTP server on the DMZ.
The firewall is in Bridge mode, all traffic is allowed from the DMZ to
the WAN. The WAN interface has rules set up for the different ports -
all works well.
 
Where I have a problem is with FTP. If I open port 21 incoming and
1024-50000 outgoing I can get FTP to work in Passive mode as long as the
client connecting to it (from the WAN interface) is not behind a NAT
router. Also, this setup forces me to open a lot of ports, disabling a
very large part of the security provided by the firewall.
 
I could not get Active mode to work (tried opening port 20) at all. A
proxy would probably work here, but as far as I know it is not
supported.
 
NAT is not set up on the m0n0wall machine (we have a router doing that
work) and we are currently running version pb20r555
built on Mon Nov 24 19:23:59 CET 2003.
 
Any suggestions?
 
Thank you,
 
Nicolas Rainville
Pre2Post Inc.