Todo #881
closed
Added by Mike Stupalov about 14 years ago.
Updated almost 14 years ago.
Description
Here the out-of-date information: http://doc.pfsense.org/index.php/Howto_setup_ftp_server_behind_pfsense
How to force to work passive FTP from LAN to WAN.
In current snapshot passive ftp doesn't work.
$ ftp 93.158.155.195
Connected to 93.158.155.195.
220 Welcome to Yandex FTP service (sower.yandex.ru).
Name (93.158.155.195:mike): ftp
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> dir
200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
-rw-r--r-- 1 ftp ftp 263 Aug 13 06:04 HEADER.txt
drwxr-xr-x 12 ftp ftp 4096 Oct 27 2009 altlinux
drwxr-sr-x 15 ftp ftp 4096 Apr 08 09:54 altlinux-beta
...
226 Directory send OK.
ftp> passive
Passive mode on.
ftp> dir
227 Entering Passive Mode (93,158,155,195,219,180)
ftp: connect: Connection timed out
In revision 049a688e5daac240b2651bbd2cc178612741d23a removed all ftp-helper programs.. why?
Mike, do you have floating firewall rules in use? See issue #863.
I just updated to 2.0-BETA4 (i386) built on Tue Sep 7 23:11:08 EDT 2010 (latest) and tested LAN->WAN ftp connection, both passive and active mode worked fine without floating rules in use - with floating rules, the passive mode connection worked, the active mode failed (different than what you're reporting). This is the flip side of issue #863, where passive fails for a WAN->LAN connection with floating rules in use.
The ftp helper was removed because it's handled in the kernel now.
I'm seeing the same thing as Mike using 2.0-BETA4 (i386) built on Mon Sep 6 22:04:59 EDT 2010. Though passive FTP was definitely working for us up until this weekend, perhaps there was a regression of some sort?
We're not using any floating rules, btw. Just trying to allow our users on LAN to access FTP on WAN. Active FTP is fine.
Try latest snapshot should be working ok.
We're still seeing the exact same behaviour (Active FTP works fine, Passive doesn't work) on this snapshot:
2.0-BETA4 (i386)
built on Thu Sep 9 19:39:18 EDT 2010
FreeBSD 8.1-RELEASE
I update to snapshot:
2.0-BETA4 (i386)
built on Thu Sep 9 00:41:45 EDT 2010
Now do not work both types FTP (Active, Passive). :(
I disable floating rules, it hasn't helped.
If the information helps, we use gateway groups.
Mike Stupalov wrote:
Now do not work both types FTP (Active, Passive). :(
Sorry, I have a little deceived.
All also doesn't work a passive mode. Active - works.
I too see this issue. No passive FTP out from the LAN->WAN works. I just updated to Mon Sep 27 04:12:19 EDT 2010 from a ~ Sep 9 build and am still experiencing the above described issue.
As with the previous poster, I use multi-WAN at this location.
This problem went away within the last 2 days.
- Status changed from New to Feedback
This seems to be ok on latest snaps.
Appears to work for me also. Running 20101108 20:20:58.
I can connect from the LAN to remote FTP servers using PASV.
I can connect from the LAN to the FTP server on OPT1 using PASV
I can connect from the WAN to the FTP server on OPT1 using PASV
work for me too.
can connect from the LAN to remote FTP servers using PASV.
- Status changed from Feedback to Resolved
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by Ermal Luçi 
Updated by 
Updated by 
Updated by 
Updated by