Title: Message
Claudio,
 
I posted a similar question to Jeff's the other day and I've seen at least one other similar message since then.  I think I can speak for most of us when I say that we all understand the nature of the problem.  What we want is an answer.  If there is no way to do this then that's the answer for now but how is it that the company that produces "MoveIt DMZ" says that their product can handle this  situation (i.e. NAT on both sides with SSL) by using configurable rules?  If there is something inaccurate in their statements please let us know.  I heard from your support personnel that your team is working on a way to make this work - when can we expect to see a solution?
 
Andy Eng
Systems Administrator
Overwaitea Food Group
-----Original Message-----
From: Claudio M Robles [mailto:[EMAIL PROTECTED]]
Sent: Thursday, November 21, 2002 2:19 PM
To: [EMAIL PROTECTED]
Subject: Re: [WS_FTP Forum]

Jeff,
 
   The problem is establishing data connections.  For that
one of the peers (client or server) needs to inform the other
where (ip and port) is going to wait for a connection and the
firewall needs to forward this connection.
  Some firewall automatically forward connections when they
"see" the FTP command "port" going out, but for a SSL
connection the firewall is not able to see anything, so you
would need put the server on the DMZ (demilitarized zone),
or configure the firewall to forward a large range of ports to the
server.  WS_FTP 7.6 will detect the wrong IP when the
server is NAT and automatically switch to the external IP.
 
 
Claudio M. Robles
FTP Development Team
 
 
----- Original Message -----
Sent: Thursday, November 21, 2002 4:48 PM
Subject: [WS_FTP Forum]

Does anyone have any creative solutions for using SSL behind NAT on client and server.  Ipswitch says it is not possible - I am curious what workarounds anyone has done.....
 
Jeff A. MacLardy, P.E.
R.F. Stearns, Inc.
1800 Blankenship Rd., Suite 325
West Linn, OR  97068
(503) 723 5959
(503) 723 5960 FAX
 

Reply via email to