RE: [gb-users] FTP Tunnel?

17 Jan 2002 21:09:51 -0000 


You don't need to open port 20, just 21/TCP.  I think something else 
is going on.  Here at GTA were a FreeBSD shop, so I know this works 
since ftp.gta.com and ftp.gnatbox.com are FreeBSD systems behind a 
3.2.2 system with a simply 21/TCP tunnel, (with the correct RA 
filters too).

Paul

>I'm running 3.2.2s and I'm trying to communicate from a freebsd server to a
>freebsd host.  I haven't tried opening port 20.  Never knew that was needed
>for FTP transfers, but I can't see any tunnels opening for port 20 in my
>logs.
>
>Basically what happens is I see a tunnel for port 21 as the client connects,
>then the 49154 port opens when the file transfer starts.  If I do a 0 to 0
>port (all port) tunnel it works fine.
>
>-----Original Message-----
>From: Dan Swartzendruber [mailto:[EMAIL PROTECTED]]
>Sent: Thursday, January 17, 2002 1:04 PM
>To: Reasoner, Bob (PHES); '[EMAIL PROTECTED]'
>Subject: Re: [gb-users] FTP Tunnel?
>
>
>At 12:40 PM 1/17/2002 -0600, Reasoner, Bob (PHES) wrote:
>>Shouldn't an Inbound tunnel opening port 21 from an alias IP to a PRO IP be
>>sufficient to allow ftp transfers?  I can get connected, but can't transfer
>>(times out).  If I review the logs I get an RAF block of tcp port 49154.
>If
>>I open everything I can see two tunnels activated one on port 21 and one on
>>49154 (both tcp).  This is the same whether I use "Passive" ftp clients or
>>regular.
>
>this doesn't sound right.  if it was an active client, it would be port 20,
>not some
>high numbered port?
>
>>It seems like this has been a problem since 3.2.0, but I don't recall the
>>problem with older versions.
>
>there was in fact a bug (reported by me) where passive clients were not
>working
>properly if they were behind a NAT appliance of some sort.  this is fixed
>in 3.2.2
>(which i can confirm).  can this be it?
>
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: [EMAIL PROTECTED]
>To subscribe to the digest version first unsubscribe, then
>  e-mail: [EMAIL PROTECTED]
>For additional commands, e-mail: [EMAIL PROTECTED]


-- 
----------------------------------------------------------------------------
Paul Emerson                             Tel: +1.407.380.0220 x1106
Global Technology Associates, Inc.       Fax: +1.407.380.6080
3505 Lake Lynda Drive                 Mobile: +1.407.310.8563
Suite 109                              Email: [EMAIL PROTECTED]
Orlando, Florida 32817 USA               Web: http://www.gta.com
                                 Mobile Email: [EMAIL PROTECTED]
----------------------------------------------------------------------------
























					Reply via email to