On Sat, 20 Sep 2003, Paul Hormis wrote:
> I can connect no problem from within my LAN with either a browser or an
> FTP client.
> As soon as I try from work (outside my LAN) I have permission problems.
Probably the classical passive-mode-FTP-server-behind-NAT problem. Try
setting your FTP client(s) for active mode FTP. Unfortunately, ipfilter
does not provide an FTP proxy for incoming connections, only for outgoing,
so it's really difficult to run a passive mode FTP server behind NAT.
Active mode has the downside that some firewalls don't handle it properly
(in active mode, the server establishes a connection to the client for
data transfers, and the firewall needs to install a temporary rule to
permit that inbound connection. m0n0wall does that, but only for outbound