RE: [Security Firewall] MNF: LAN->WAN FTP acces problem

Wed, 28 Jul 2004 15:34:42 -0700 

Hi Hernan,
Does FTP work if they use the IP instead of the FQDN? Also where are the
clients looking for name resolution (where is their DNS box)?

Best regards,
Patrick

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Hernan
Castaneda
Sent: Wednesday, July 28, 2004 3:06 PM
To: [EMAIL PROTECTED]
Subject: [Security Firewall] MNF: LAN->WAN FTP acces problem


Hi all,

I've installed a box with MNF to serve as
firewall/proxy to a Windows XP/2000 hosts lan. The box
has two NICs eth0 is connected to the lan
192.168.4.0/24 and eth1 has a public IP address
assigned to it, the hosts can connect to Internet
without problems (http, https) but FTP can only be
accessed through the browsers (IE6 SP1 and Mozilla
1.7), even with IE when connects to the ftp server a
message box appears saying that the access in read
only because the proxy isn't configured correctly. If
they try to make an FTP connection using a client (WS
FTP 9) or even "DOS" console an error appears saying
that the connection couldn't establish because the
name cannot be resolved (DNS Problem); Squid is in
transparent mode.  Can anybody please help me.

Regards,
Hernan Castaqeda

I atach firewall configuration.
Default policies:
1       lan     all     REJECT  info
2       fw      all     ACCEPT  info
3       wan     all     DROP    info
4       all     all     REJECT  info
Rules:
1   ACCEPT      fw      wan     tcp+udp 53
2   ACCEPT      lan     wan     udp     53
3   REJECT      wan     fw      tcp     113
4   ACCEPT      lan     fw      tcp     22
5   ACCEPT      lan     fw      tcp     8443
6   ACCEPT      fw      lan     icmp    8
7   ACCEPT      lan     fw      icmp    8
8   ACCEPT      lan     wan     tcp     pop3
9   ACCEPT      lan     wan     tcp     smtp
10  ACCEPT      lan     wan     tcp     http
11  ACCEPT      lan     wan     tcp     https
12  ACCEPT      lan     wan     tcp     ssh
13  ACCEPT      lan     wan     tcp     ftp
14  ACCEPT      lan     wan     tcp     nntp
15  ACCEPT      fw      wan     udp     ntp
16  ACCEPT      lan     wan     tcp     imap
17  ACCEPT      fw      wan:20022 tcp   ftp
20  ACCEPT      lan     fw      tcp     https
23  ACCEPT      fw:3328 wan     tcp     https
24  ACCEPT      lan     fw::3328 tcp    www     all
25  ACCEPT      fw      wan     tcp     www

P.D.: Sorry if the mail is to long I tried to be as
much specific as I could




__________________________________
Do you Yahoo!?
Yahoo! Mail - You care about security. So do we.
http://promotions.yahoo.com/new_mail




____________________________________________________
Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com
Join the Club : http://www.mandrakeclub.com
____________________________________________________

Reply via email to