[ previous ] [ next ] [ threads ]
 From:  Paul Hormis <phormis at blur dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Another weird FTP problem...
 Date:  Mon, 22 Sep 2003 10:33:47 -0700
Ok so I think I have it narrowed down to port 20 not being open 
outbound?  Does that make sense?

I have port 21 open incoming but I THINK I need to open port 20 outbound?

Perhaps I am setting the inbound of port 20 wrong?

Any suggestions as to how I would do that?  Currently I have it on TCP 
and Other but I think that is probably wrong.

Thanks to you all for you help this far.


Paul Hormis
Blur Studio
Digital Artist/Animator

Manuel Kasper wrote:

>On Sat, 20 Sep 2003, Paul Hormis wrote:
>>I can connect no problem from within my LAN with either a browser or an
>>FTP client.
>>As soon as I try from work (outside my LAN) I have permission problems.
>Probably the classical passive-mode-FTP-server-behind-NAT problem. Try
>setting your FTP client(s) for active mode FTP. Unfortunately, ipfilter
>does not provide an FTP proxy for incoming connections, only for outgoing,
>so it's really difficult to run a passive mode FTP server behind NAT.
>Active mode has the downside that some firewalls don't handle it properly
>(in active mode, the server establishes a connection to the client for
>data transfers, and the firewall needs to install a temporary rule to
>permit that inbound connection. m0n0wall does that, but only for outbound
>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch