Re: [pfSense Support] WinSCP and Port 223 - SFTP
Thanks Chris Yes I had got that far thanks, it was more detailing the symptoms. I'll check the WAN side access again, when I can, from a couple of locations, which are the ones of concern to me. My recollection was that it did the same, will get back to you if I confirm this. Kind regards David - Original Message - From: Chris Buechler [EMAIL PROTECTED] To: support@pfsense.com Sent: Sunday, August 03, 2008 1:12 PM Subject: Re: [pfSense Support] WinSCP and Port 223 - SFTP On Sat, Aug 2, 2008 at 9:06 PM, Tortise [EMAIL PROTECTED] wrote: Chris I am not sure what you are getting at, I think so. (how else?) Meaning you're connecting to a port forward using the outside IP from your LAN interface. NAT reflection is a kludge, I would suggest just directly connecting, not relying on bouncing through the firewall. It's probably caused by something to do with NAT reflection. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] WinSCP and Port 223 - SFTP
Hi When I run a connection thru pfSense (1.2 CF) almost immediately following successful connection WinSCP loses the connection with an Server unexpectedly closed network connection error message. Happens with client LAN side and WAN side. Logs add little that I can see. Running the same directly over the LAN is exempt this problem. Trying FTP RFC 959 data port violation workaround makes no difference. Does this make any sense to someone? Is pfSense causing this? Kind regards David Hingston
Re: [pfSense Support] WinSCP and Port 223 - SFTP
On Sat, Aug 2, 2008 at 5:28 AM, Tortise [EMAIL PROTECTED] wrote: Hi When I run a connection thru pfSense (1.2 CF) almost immediately following successful connection WinSCP loses the connection with an Server unexpectedly closed network connection error message. Happens with client LAN side and WAN side. WAN side...as in, pfSense isn't in the path of the traffic anymore? Trying FTP RFC 959 data port violation workaround makes no difference. SFTP has nothing to do with FTP. --Bill - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] WinSCP and Port 223 - SFTP
Thanks Bill
WAN side for me meant a Path of:
Client WinSCP (WAN side) = Internet = pfSense / NAT = LAN Server
LAN side was indirect, however to me should still work and has done in the past
Client WinSCP on LAN directed to pfSense WAN IP = NAT = LAN Server
Kind regards
David Hingston
- Original Message -
From: Bill Marquette [EMAIL PROTECTED]
To: support@pfsense.com
Sent: Sunday, August 03, 2008 10:00 AM
Subject: Re: [pfSense Support] WinSCP and Port 223 - SFTP
On Sat, Aug 2, 2008 at 5:28 AM, Tortise [EMAIL PROTECTED] wrote:
Hi
When I run a connection thru pfSense (1.2 CF) almost immediately following
successful connection WinSCP loses the connection with an Server
unexpectedly closed network connection error message. Happens with client
LAN side and WAN side.
WAN side...as in, pfSense isn't in the path of the traffic anymore?
{Deleted}
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] WinSCP and Port 223 - SFTP
On Sat, Aug 2, 2008 at 5:07 PM, Tortise [EMAIL PROTECTED] wrote: Thanks Bill WAN side for me meant a Path of: Client WinSCP (WAN side) = Internet = pfSense / NAT = LAN Server LAN side was indirect, however to me should still work and has done in the past Client WinSCP on LAN directed to pfSense WAN IP = NAT = LAN Server Any chance your rule is doing OS detection? --Bill - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] WinSCP and Port 223 - SFTP
Re: Any chance your rule is doing OS detection? Gosh I thought you were joking, however wise to first check the rule, bearing in mind your responses are invariably well founded, sure enough the ability to limit the OS is there(!), however its set to any. The rule is a standard TCP pass Port 223, nothing special otherwise. The connection is also made, just loses it again within seconds. If one sets up a file transfer before it disconnects the transfer completes. Kind regards David Hingston - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] WinSCP and Port 223 - SFTP
On Sat, Aug 2, 2008 at 7:15 PM, Tortise [EMAIL PROTECTED] wrote: Re: Any chance your rule is doing OS detection? Gosh I thought you were joking, however wise to first check the rule, bearing in mind your responses are invariably well founded, sure enough the ability to limit the OS is there(!), however its set to any. The rule is a standard TCP pass Port 223, nothing special otherwise. The connection is also made, just loses it again within seconds. If one sets up a file transfer before it disconnects the transfer completes. You relying on NAT reflection? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] WinSCP and Port 223 - SFTP
Chris I am not sure what you are getting at, I think so. (how else?) David - Original Message - From: Chris Buechler [EMAIL PROTECTED] To: support@pfsense.com Sent: Sunday, August 03, 2008 12:43 PM Subject: Re: [pfSense Support] WinSCP and Port 223 - SFTP On Sat, Aug 2, 2008 at 7:15 PM, Tortise [EMAIL PROTECTED] wrote: Re: Any chance your rule is doing OS detection? Gosh I thought you were joking, however wise to first check the rule, bearing in mind your responses are invariably well founded, sure enough the ability to limit the OS is there(!), however its set to any. The rule is a standard TCP pass Port 223, nothing special otherwise. The connection is also made, just loses it again within seconds. If one sets up a file transfer before it disconnects the transfer completes. You relying on NAT reflection? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] WinSCP and Port 223 - SFTP
On Sat, Aug 2, 2008 at 9:06 PM, Tortise [EMAIL PROTECTED] wrote: Chris I am not sure what you are getting at, I think so. (how else?) Meaning you're connecting to a port forward using the outside IP from your LAN interface. NAT reflection is a kludge, I would suggest just directly connecting, not relying on bouncing through the firewall. It's probably caused by something to do with NAT reflection. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
