Hello, I've got strange problem ,
I give my customers public ips with SNAT/DNAT (we call it 1:1) ip mapping. When A client with lan ip 10.100.1.123 has public ip 217.17.x.123 he can use all the apps he want (apps that demand public ip or forwardded port) so everything seems to be okay... but ... a) active ftp does not work b) avaya vpn works sometimes, and sometimes not... ad a) so tracing the problem i tcpdumped one client (he's using pppoe channel and i have rp-pppoe server) the ftp server responsed with "port 1026 unavailable" ... then i've telneted to this port and i've noticed that telnet touched my customer's 1026 port ... how can it be that all ports are mapped and reachable with telnet but active ftp does not work ? ad. b) this is only strange case that encouraged me to claim that we've got some problems ;) my firewall: iptables -L -n : http://paste.debian.net/13327 iptables -L -n -t filter : http://paste.debian.net/13330 iptable -L -n -t nat : http://paste.debian.net/13329 if You want some more debug - please request for it ;) thanks -- Wojciech Ziniewicz | jid:[EMAIL PROTECTED] http://silenceproject.org | http://zetho.wordpress.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
