View previous topic :: View next topic |
Author |
Message |
TheKingster Link Spammer
Joined: 03 May 2002 Posts: 0 Location: UK
|
Posted: Fri Feb 07, 2003 1:34 pm Post subject: PASV mode on FTP |
|
|
I have an FTP up and running.
When a connection is made, firstly it goes to the router. The router the port forwards the request onto the internal ip address of the box the ftp is running on. To get the whole thing working I had to enable some port triggering for the ip range the ftp is running on, not sure why (if anyone knows please tell me) but it was just a lucky guess.
Alls working well and good, except I can't seem to get PASV mode working. It just says connection lost. Users have to take off PASSIVE mode to get it working.
Any ideas?
|
|
Back to top |
|
|
b4rtm4n Trusted SF Member
Joined: 26 May 2002 Posts: 16777206 Location: Bi Mon Sci Fi Con
|
Posted: Fri Feb 07, 2003 1:55 pm Post subject: |
|
|
Mate, what filters are running on router/firewall.
PASV needs clear outbound access to all ports >1023 to work.
Normal needs inbound access to port 20.
|
|
Back to top |
|
|
TheKingster Link Spammer
Joined: 03 May 2002 Posts: 0 Location: UK
|
Posted: Fri Feb 07, 2003 1:57 pm Post subject: |
|
|
all the way to 65535??
|
|
Back to top |
|
|
myhatisred Just Arrived
Joined: 11 Jan 2003 Posts: 0
|
Posted: Fri Feb 07, 2003 4:35 pm Post subject: |
|
|
what kind of router/firewall is it?
|
|
Back to top |
|
|
b4rtm4n Trusted SF Member
Joined: 26 May 2002 Posts: 16777206 Location: Bi Mon Sci Fi Con
|
Posted: Fri Feb 07, 2003 4:45 pm Post subject: |
|
|
TheKingster wrote: |
all the way to 65535?? |
Yep!
PASV chooses a random port >1023 to create its data channel.
|
|
Back to top |
|
|
myhatisred Just Arrived
Joined: 11 Jan 2003 Posts: 0
|
Posted: Fri Feb 07, 2003 4:57 pm Post subject: |
|
|
that's interesting, my ftp server only has ports 20 + 21 open and it works on every mode
|
|
Back to top |
|
|
b4rtm4n Trusted SF Member
Joined: 26 May 2002 Posts: 16777206 Location: Bi Mon Sci Fi Con
|
Posted: Fri Feb 07, 2003 4:58 pm Post subject: |
|
|
Outbound
|
|
Back to top |
|
|
TheKingster Link Spammer
Joined: 03 May 2002 Posts: 0 Location: UK
|
Posted: Fri Feb 07, 2003 5:15 pm Post subject: |
|
|
dunno how to configure just outbound on my router?
its a linksys 4 port switch\router.
|
|
Back to top |
|
|
b4rtm4n Trusted SF Member
Joined: 26 May 2002 Posts: 16777206 Location: Bi Mon Sci Fi Con
|
Posted: Fri Feb 07, 2003 5:22 pm Post subject: |
|
|
If all outbound is allowed PASV will work
Normal mode requires inbound access to port 20
|
|
Back to top |
|
|
TheKingster Link Spammer
Joined: 03 May 2002 Posts: 0 Location: UK
|
Posted: Fri Feb 07, 2003 5:29 pm Post subject: |
|
|
Yeh cant find where to allow all outbound
|
|
Back to top |
|
|
b4rtm4n Trusted SF Member
Joined: 26 May 2002 Posts: 16777206 Location: Bi Mon Sci Fi Con
|
|
Back to top |
|
|
Jason Forum Fanatic
Joined: 19 Sep 2002 Posts: 16777215
|
|
Back to top |
|
|
TheKingster Link Spammer
Joined: 03 May 2002 Posts: 0 Location: UK
|
Posted: Fri Feb 07, 2003 6:07 pm Post subject: |
|
|
I knwo about ftps, thats not what im looking for. I have port forwarding on my router that allows me to control inbound but cant see any outbound settings at all.
|
|
Back to top |
|
|
chris Forum Fanatic
Joined: 18 Apr 2002 Posts: 16777201 Location: ~/security-forums
|
Posted: Fri Feb 07, 2003 6:14 pm Post subject: |
|
|
There are NO outgoing restrictions on the linksys by default.
PASV can be problematic behind NAT, im assuming you want pasv to ftp ? otherwise just turn it off in the ftp client.
Ive had similar problems before, some servers with both the control and data FTP ports open its been fine, others with the exact same incoming and outgoing restrictions havent.
|
|
Back to top |
|
|
TheKingster Link Spammer
Joined: 03 May 2002 Posts: 0 Location: UK
|
Posted: Fri Feb 07, 2003 6:55 pm Post subject: |
|
|
Yeh I know I can do it at the client end and at server end.
No worries ill just do that.
ITS THE WEEKEND W00000t!!
|
|
Back to top |
|
|
|