On Thu, Feb 11, 2016 at 1:25 PM, J. Echter <j.ech...@echter-kuechen-elektro.de> wrote: > Hi, > > i have a tool which uodates its data by ftp. Nothing sepcial... > > But, i cant use it as i get errors like 'no data', error 227 'entering > passive mode' and so on. > > As far as i know should passive mode be working without any afford. > > Where can i have a look what is going wrong? > > I read about FTP helper and FTP CLient Proxy, but imho FTP Helper isn't > in 2.2 anymore and was more for ftp servers behind pfsense. > > > Please, any hints are welcome :) > > Thanks. > > Juergen
PASV mode requires you opening ports on the firewall so when a client needs to transfer data it can use these ports to connect to the FTP server and start the transfer. It is specifically built like this so you CAN host a ftp server across NAT. You usually have to configure the FTP server to utilize a range of ports for its PASV mode based on the amount of active clients at one time on a server. You then forward those ports to the internal address of the box with the FTP server on it. You may also have to configure a PASV ip address in the FTP server because by default the ftp server will pass the ip it is on and the port to the client telling it to connect there. So if you do not do both, you are going to have issues connecting to a FTP server behind a NATed box. You should not be using just plain FTP anymore as it is insecure. You should be using SFTP (ssh) or FTP with TLS enabled. You still have to configure a group of PASV ports and a PASV ip in this instance. _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
