Hi Nathan,
Nathan Eisenberg wrote:
Sorry for bringing this back up whats the correct way to implement an FTP server behind a 1:1 NAT and not receive 500 Illegal PORT command? I dont care if it uses the proxy, I just want incoming FTP connections to work.
I can never keep the two straight, but try either active or passive mode (try the opposite of what you're using, or try them both -- there's only two). One will open data connections from server->client and the other will do the same from client->server. May work depending on your setup.
The other [better] way to do it would be to have your FTP protocol re-written (inspected, in Cisco parlance) for the 1:1 NAT translation.
Hope this helps, -- William R. Lorenz --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
