Home > Archive > Windows 2000 track general > July 2002 > FTP server behind NAT





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author FTP server behind NAT
Slinky

2002-06-28, 3:05 pm

Does anybody have an FTP server using IIS 5.0 behind NAT and have it work successfully? I opened up port 21 and port 20 in RRAS and I can't get the data transfers to work. I can connect just fine. I understand the difference between active mode and passive mode for the clien, and I have tried both but I get the same result of not working. Anybody have any ideas?
KScheler

2002-06-28, 3:35 pm

Did you create a special port on the public NIC of the NAT for the FTP? That's how we're doing it.
Slinky

2002-06-28, 4:23 pm

If we're talking about the same thing I right clicked on the public interface, went to properties, and then the special ports tab and opened up port 20 and 21. Passive mode is supposed to get around this by allowing the server to specify the data port but it still doesn't work.
KScheler

2002-06-29, 10:27 am

Yes, that's what I'm talking about. Are you accessing it with a FTP client or web browser? We did not do anything extra to ours and can access it fine with a browser. I haven't tried with a ftp client though.
Slinky

2002-06-29, 10:49 am

I have tried both. I get further with a program like CuteFTP or FlashFXP. Browser doesn't seem to work right at all.
Deja-vue

2002-06-29, 2:15 pm

Slinky
On the Client Side, in CuteFTP for example, go to advanced properties,(or edit properties),uncheck *Firewall mode* and uncheck *PASV Mode*.

I had clients on my FTP with the same problem, this fixed it.

By the Way, i use Bulletproof FTP Server, a really cool 3rd Party FTP Server.

www.bpftpserver.com

please let us know, how you fixed it.
necrophantasm

2002-07-02, 9:57 am

I have gotten it to work, but there is a condition. FTP clients in passive mode can't connect to servers behind NAT. Passive clients use dynamically allocated ports to establish the initial connection so just using port forwarding on 20 and 21 won't work. If you have clients using CuteFTP, if they go into the connection options and uncheck passive mode, they probably won't have a problem. I haven't tried this with 2K RRAS NAT, but I have had this problem at work with Cisco-implemented NAT. The only way i was able to resolve it for clients that HAD to use passive mode was to allow them to connect using all ports (full access to my network... Grrr). Hope this helps!
Sponsored Links





Free Braindumps | MCSE braindumps software forum

Copyright 2003 - 2008 examnotes.net