pfSense's integrated ftp helper DOES solve this problem if configured correctly: - enable the ftphelper at Interfaces/WAN - add a portforward for just port 21 to your IIS server at firewall/nat, portforward (keep the autocreate firewallrule enabled; it will generate one more rule for the ftphelper too) - save and apply
Now everything should work like expected. Active and passive ftp should not be a problem now. Holger -----Ursprüngliche Nachricht----- Von: Chris Godwin [mailto:[EMAIL PROTECTED] Gesendet: Mittwoch, 14. März 2007 13:52 An: discussion@pfsense.com Betreff: [pfSense-discussion] FTP Problems and IIS I just wanted to get a good opinion about my issue. I have this issue with several routers including pfsense and monowall. When natting ftp to a windows machine running IIS, passive ftp doesn't work. I think it doesn't work for two reasons. The first is that the passive ports need to be forwarded, but even on a 1:1 nat it doesn't seem to work either. Secondly, because when initiate a passive connection and receive a host and port from the server, that host is of the local ip flavor and cannot be routed to. Am I correct in blaming this on the ftp service and not the router/natting platform? I wonder if pfsense's ftp help can proxy that connections. I've used freeBSD's ftpproxy port to solve this on a full machine. Thank you, Chris Godwin Linux/Unix Consultant Network Logistic, Inc. [EMAIL PROTECTED]
