On Thu, 18 Aug 2005, Michael Sullivan wrote: > One of my users is having a problem with FTP access to my server. He > says that he can connect and get a listing for his home directory, but > he can't do anything beyond seeing the listing. He's connecting from > outside the network. I can connect and interact with my personal > account through FTP just fine from inside the network, but everytime I > try to connect like he does (using ftp.espersunited.com) I get a 425 > Security Bad IP error. I don't have access to a computer physically > outside the network to use to diagnose this problem, so working around > this Bad IP error is my only option. The IP address that > ftp.espersunited.com points to is the external address of my router, so > it might be complaining because the requesting IP is the same as the > requested IP. Any help on fixing this? Google and the vsftpd.conf man > page were no help...
Pleae be aware of how FTP works: there are two connections per user - one is the control port and one is for data. With active FTP, the user's FTP client picks a local port number for the data port. With passive FTP, the server picks a data port number and tells the client what port number to use. Obviously, your router and/or firewall needs to be configured to allow both types of ports into your LAN and to forward the ports to the correct place. Passive FTP is better from a firewall point of view but your firewall still needs to know to open the port for incoming connections. If you firewall is not capable of doing that then this wont work and you may need to put you FTP server outside of your firewall in a DMZ. -- -- [email protected] mailing list
