Date: Sat, 16 Mar 2002 19:25:41 -0500 (EST) From: Marco Radzinschi <marco@radzinschi.com> To: Donnie Jones <donniejones18@yahoo.com> Cc: <freebsd-questions@FreeBSD.ORG> Subject: CORRECTION: ftp server and freebsd gateway ( ipnat ) Message-ID: <20020316191834.C61753-100000@mail.radzinschi.com> In-Reply-To: <20020316132946.N61193-100000@mail.radzinschi.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello: Just noticed a mistake in my original reply. Don't know how I made this one, since I know good and well that one must open up ports > 1024 for FTP-PROXY to work. In active FTP mode, the server opens up a connection FROM port 20 to a client port > 1024. If the client is behind a firewall that blocks incoming connections to ports > 1024, active FTP will not work. Small mistake on my part, but one could interpret it to mean that allowing incoming connections on port 20 on the client side will fix active FTP. This is not the case, as ports > 1024 need to be open on the client firewall, and forwarded accordingly. Marco Radzinschi E-Mail: marco@radzinschi.com AOL IM: CrackedBoy On Sat, 16 Mar 2002, Marco Radzinschi wrote: [snip!] > The only problem I can see with your setup is that in active mode, the FTP > servers open up a connection to port 20 on the client. Their firewall > may not be letting port 20 in, in which case active mode will not work for them. > > If the clients are behind a firewall, they will not be able to connect to > your FTP servers unless their firewall has an FTP-PROXY to allow active > FTP connections. [snip!] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020316191834.C61753-100000>