Hi,
I can find quite a lot of documentation concerning an FTP server. But I
don't find the way to do it.
My situation:
Internet <--> Firewall <--> FTP server
Firewall and FTP server are Debian 11 and I use the latest shorewall.
The firewall has three public IP addresses; the FTP server has no public IP
address. Firewall and FTP server are connected to a private
172.23.10.0/24 network.
This setup is new but in fact a replica of the existing situation (I'm
moving to a new hosting party). In the existing situation and new
situation all works fine (Debian 10) as long as I don't use a
certificate. This is the DNAT rule I use:
SECTION NEW
FTP(DNAT) wan1 lan1:$FTP_INT - - - $FTP_EXT
where $FTP_INT and $FTP_EXT are the internal and external IP addresses
of the FTP server.
As said, this works fine as long as I don't use a certificate. With a TLS
connection, FileZilla shows:
Status: Server sent passive reply with unroutable address. Using
server address instead.
I can log in; the problem must be related to data on port tcp/20. Can someone
help me and tell me what I'm doing wrong or what I'm missing? Probably
something with a helper.
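
What FileZilla's status line describes, as an added example (not part of the original post): with TLS the control channel is encrypted, so the firewall's FTP helper cannot read or rewrite the server's 227 passive reply, and the client receives the server's private address. The sketch parses such a reply, detects the unroutable address and applies the same fallback to the control-connection address; the reply text and the 203.0.113.10 address are constructed sample values.

```python
import ipaddress
import re

# Ranges a client on the Internet cannot reach: RFC 1918, loopback, link-local.
UNROUTABLE = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16")]

# RFC 959 passive reply: 227 <text> (h1,h2,h3,h4,p1,p2)
PASV_RE = re.compile(r"^227 .*?\((\d{1,3}),(\d{1,3}),(\d{1,3}),"
                     r"(\d{1,3}),(\d{1,3}),(\d{1,3})\)")

# Constructed sample: what a server on 172.23.10.0/24 would send unmodified.
SAMPLE_REPLY = "227 Entering Passive Mode (172,23,10,5,195,80)"


def parse_pasv(reply):
    """Return (address, port) announced in a 227 reply."""
    m = PASV_RE.match(reply.strip())
    if not m:
        raise ValueError("not a 227 passive reply: %r" % reply)
    nums = [int(x) for x in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("octet out of range in %r" % reply)
    host = ipaddress.ip_address(".".join(str(n) for n in nums[:4]))
    port = nums[4] * 256 + nums[5]  # data port = p1*256 + p2
    return host, port


def data_endpoint(reply, control_peer):
    """Return (host, port, fell_back) for the data connection.

    If the announced address is unroutable, use the address the control
    connection was made to, keeping the announced port.
    """
    host, port = parse_pasv(reply)
    unroutable = any(host in net for net in UNROUTABLE)
    return (control_peer if unroutable else str(host)), port, unroutable


if __name__ == "__main__":
    # 203.0.113.10 stands in for the firewall's public address (constructed).
    host, port, fell_back = data_endpoint(SAMPLE_REPLY, "203.0.113.10")
    print("data connection goes to %s:%d (fallback=%s)" % (host, port, fell_back))
```

The port returned is the one the client will try on the firewall's public address, so it is the port that has to reach the FTP server when no helper can track the encrypted session.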