Today I used FTP service inside NAT and get so many problem. After dig through Internet, here is the solution:
First, it's the topo:
FTP server stay inside NAT network with local IP. From internal network, vsftp working properly but if we access from Internet, this problem occur:
Then
The problem is when FTP initial in passive mode, it will send it's IP and passive port to client. But in this case, it send local IP and local port to client so client can't connect.
Here's the config of /etc/vsftpd.conf to solve the issue:
After run edit, run service vsftpd restart and vsftpd now provide service to internet user :)
First, it's the topo:
Server sent passive reply with unroutable address. Using server address instead
Then
Error: The data connection could not be established: EHOSTUNREACH - No route to host
Error: Connection timed out
Error: Failed to retrieve directory listing
The problem is when FTP initial in passive mode, it will send it's IP and passive port to client. But in this case, it send local IP and local port to client so client can't connect.
Here's the config of /etc/vsftpd.conf to solve the issue:
listen_port=4545 # In some modem, port 21 also used to upload firmware so we can't NAT this port
pasv_address=118.69.x.x # To tell client the external IP (when FTP init)
pasv_max_port=5000 # the port client connect to, it should be open and NAT on modem
pasv_min_port=5010
No comments:
Post a Comment