ftp trouble (3) - routing?

Robert Slade robert at bathnetworks.com
Mon Nov 22 18:13:06 UTC 2004 

Stewart thanks for the reply.

> > Connecting to the external IP address of ftp server from a machine on
> > the internal network, passive mode works, but active mode hangs:
> 
> Perhaps your smoothwall is not set up to proxy active mode FTP.
> Try connecting to e.g. ftp.lantronix.com and logging in as
> "anonymous" with your email address as password.  You should be
> able to do a directory listing.  If this works in passive but not
> in active, I'd first suspect the smoothwall, then the D-Link
> configuration.

>From the machine on my internal network which I had had the above
problems worked ok - Both IE6 and the Command Window allow me to access
and use Dir etc which suggests that the smoothwall and d-link are ok.

> 
> > I get similar results when connecting from an external machine, in this
> > case it is a Windows XP machine, using FTP then ls at a command window
> > gives
> 
> > 200 PORT command successful. Consider using PASV.
> > 150 Here comes the directory listing.
> 
> > and then it hangs which implies that neither passive or active mode
> > works.
> 
> May not be true.  Standard command line FTP in Win XP cannot do passive
> mode at all.  You can try passive mode from Internet Explorer.
> Is that machine directly on a public IP with no firewall or NAT?

The FTP server is on a public IP with no FW apart from the FC2 FW with
the FTP box checked in security level. 
 
> 
> > I have eliminated the firewall on the FTP server as the problem by
> > turning off iptables.
> 
> > As an aside, my local network is behind a firewall (smoothwall) which is
> > using the external address of xxx.xxx.xxx.251.
> 
> If the problems are not on the client side:
> 
> Traceroute to your FTP gives a response from D-Link with address
> xxx.xxx.24.249 . Is that its WAN address?  If so, what is its
> default gateway?  Is the ADSL modem built into the D-Link?
> If not, perhaps you can test with the gateway bypassed.

The setup I have is:

	ISP

	 |

Dlink Modem/router - modem IP address allocated by ISP xxx.xxx.24.249
		     Lan IP address xxx.xxx.24.250. 
	|			|			|

xxx.xxx.24.251		 xxx.xxx.24.253		    Mail Server etc
    			      eth1
Gateway to Internal	   FTP Server 
	NW
			      eth0
  (Smoothwall)			|			|

192.168.0.1		192.168.0.55		192.168.0.etc


The Internal IPs are on the same subnet and connected through a switch.

The Dlink is a combined modem/router/switch 

I have set the FTP server's default gateway as xxx.xxx.24.250 as that is
the next IP address 'up the line'. As I said this appears to work with
the mail server.

Rob











> 
> --Stewart

More information about the fedora-list mailing list