On 03/18/2006 05:26:22 PM, Paul Moore wrote:
The problem doesn't seem to be that nat is not working, but rather
the ftp server is sending out its internal ip in the data stream when
the data-port info is sent to the client.
This is the point of ftp-proxy, to deal with the network informa
info.Vision wrote:
Hi If you get internal addresses in the NAT on the outside of the
firewall then you need to MAP ports and IP's to the inside the machine
and add a set of rules that esentially Network address TRANSLATE (NAT)
to the outside at the firewall. you need to
1. map port and internal
Hi If you get internal addresses in the NAT on the outside of the
firewall then you need to MAP ports and IP's to the inside the machine
and add a set of rules that esentially Network address TRANSLATE (NAT)
to the outside at the firewall. you need to
1. map port and internal IP to WHAT outside IP
My concern with ftp-proxy is that I need ftp to work in both directions
and for multiple ftp servers. After reading the man on ftp-proxy I was
left with little comfort as to whether it would be able to do go both ways
and proxy for multiple ftp servers.
Granted I don't know much about PFs yet, but
Try ftp-proxy in reverse mode or proxy suite. Run them on the firewall and
don't rdr, just pass in
to port 21 and the high port range on the firewall. The proxy will do the rest
;)
Paul Moore([EMAIL PROTECTED])@Sat, Mar 11, 2006 at 03:41:19PM -0800:
> Hi,
>
> I have just setup my first PF firew
Hi,
I have just setup my first PF firewall and I am having a problem that I
can't figure out, nat doesn't quite cut the mustard. Most ftp clients
work just fine, but web browsers just can't figure it out. IE spins
while trying to list items and reports the "the operation timed out",
Mozilla r