On Wed, 4 Nov 2009, Evgeny Yurchenko wrote:
Nathan Eisenberg wrote:
Sorry for bringing this back up whats the correct way to implement an FTP server behind a 1:1 NAT and not receive 500 Illegal PORT command? I dont care if it uses the proxy, I just want incoming FTP connections to work.
Which PORT command results in '500 Illegal PORT command'?
That happens when there's not any stateful FTP inspection, i.e. to map the internal RFC1918 space to a public IP address per the 1:1 NAT, as is used by the FTP protocol to open up a socket. There's only one "PORT" command.
-- William R. Lorenz --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
