On Wed, Nov 4, 2009 at 3:01 PM, Nathan Eisenberg <[email protected]> wrote: > > Sorry for bringing this back up – what’s the correct way to implement an FTP > server behind a 1:1 NAT and not receive 500 Illegal PORT command? I don’t > care if it uses the proxy, I just want incoming FTP connections to work. ☺
How many ftp servers do you need to support? If only one, then ignore that you have 1:1 NAT and just set up the ftp with the ftp proxy as per the instructions on the wiki and have it map the ftp port to your ftp server. This is what I do. In this configuration, it is just coincidence that the server has a 1:1 mapping on it. We advertise the ftp server as a different hostname so that makes it easier to move its IP to that of the main firewall IP. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
