Hi, solution: Open the Ports described in man 4 ip IP_PORTRANGE_HIGH referenced by man ftp-proxy or lookup in sysctl net.inet.ip.portrange like: net.inet.ip.portrange.hilast: 65535 net.inet.ip.portrange.hifirst: 49152 net.inet.ip.portrange.last: 65535 net.inet.ip.portrange.first: 49152
from WAN to your FTP server and all gets fine. regards michael. 2009/1/20 Fuchs, Martin <martin.fu...@trendchiller.com>: > Hi ! > > I have set up a FTP server in my DMZ with an official IP address. > From WAN -> DMZ the IPs are routed (no NAT). > I opened up port 21 from WAN -> DMZ for FTP but of course I cannot transfer > any files. > It seems to require some more ports, so I thought the FTP-helper on the > WAN-side could be helpful, but this also does not work... > > Does anyone have any idea how to set this up without opening this ton of > ports FTP requires ? > > I know FTP is not the preferred way, but we need this :-( > > I'd be thankful for every hint... > > Active FTP is not really an option because most FTP-clients live behind NAT > devices so there's the problem of the data-connection again... > > Regards, > > Martin > > --------------------------------------------------------------------- > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > > -- === m i c h a e l - s c h u h . n e t === Michael Schuh Postfach 10 21 52 66021 Saarbrücken phone: 0681/8319664 mobil: 0177/9738644 @: m i c h a e l . s c h u h @ g m a i l . c o m === Ust-ID: DE251072318 === --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
