I just can't get a Passive/Active FTP combination to work from both inside
and outside the LAN reliably, with an FTP server behind a NAT gateway.

Here are my requirements:
1. Access via Active and Passive FTP from inside/outside LAN
2. FTP server must have access to mounted SMBFS folder on LAN

Here is my solution:

Make the FTP server dual-homed.  
One NIC faces internet, the other the intranet.  
No NAT'ing on FTP server.  
Only FTP traffic allowed in on external interface. 
Configure FTP server to use high ports, and allow those ports in
ipf.rules.
Allow all traffic on internal interface if coming from internal network.

Do you think this will work?  If the machine has two NICs and two IPs,
which one will the FTP server (either ftpd or pure-ftpd) use during
Passive FTP?  Is this a bad idea?

Thanks,

Adam
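
A check for the dual-homed setup asked about above, added here as an example and not part of the original message: it parses the server's 227 reply to PASV and reports whether the advertised address matches the address the client connected to and whether the advertised port falls inside the range opened in the firewall. The addresses, the 50000-50100 range and the function names are assumptions made for illustration.

```python
import ipaddress
import re

# Matches the h1,h2,h3,h4,p1,p2 tuple of a 227 reply (RFC 959).
PASV_RE = re.compile(r"^227 [^(]*\((\d{1,3}(?:,\d{1,3}){5})\)")


def parse_pasv(reply):
    """Return (IPv4Address, port) advertised in a 227 PASV reply."""
    m = PASV_RE.match(reply.strip())
    if not m:
        raise ValueError("not a 227 PASV reply: %r" % reply)
    nums = [int(n) for n in m.group(1).split(",")]
    if max(nums) > 255:
        raise ValueError("octet out of range in %r" % reply)
    host = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    return host, nums[4] * 256 + nums[5]  # port = p1 * 256 + p2


def check_pasv(reply, control_ip, port_range):
    """List the ways a PASV reply disagrees with the expected setup."""
    host, port = parse_pasv(reply)
    problems = []
    # A client outside the LAN cannot reach a data address that differs
    # from the one it used for the control connection (e.g. the LAN IP).
    if host != ipaddress.IPv4Address(control_ip):
        problems.append("address-mismatch")
    low, high = port_range
    # Ports outside the range allowed in the packet filter get dropped.
    if not low <= port <= high:
        problems.append("port-outside-range")
    return problems


# Constructed sample values (assumptions, not taken from the message).
EXTERNAL_IP = "203.0.113.10"
PASSIVE_RANGE = (50000, 50100)
SAMPLES = [
    "227 Entering Passive Mode (203,0,113,10,195,100)",  # expected: OK
    "227 Entering Passive Mode (192,168,1,10,195,100)",  # LAN address
    "227 Entering Passive Mode (203,0,113,10,4,1)",      # port 1025
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, check_pasv(sample, EXTERNAL_IP, PASSIVE_RANGE) or "ok")
```

Against a live server, `ftplib.FTP.sendcmd("PASV")` returns the reply string and `ftp.sock.getpeername()[0]` gives the control-connection address to compare with, so the same check can be run once from inside the LAN and once from outside.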
