How to set up PASV FTP behind NAT 2

[EdLeafe]

I'm trying to replace my Win2K server, which is handling FTP on my site, with a Linux box. The servers behind the firewall are all in the 192.168.0.0/24 range, with the gateway machine having the public IP address. NAT is used for all the boxes behind the firewall. The linux box is 192.168.0.14.

My Win2K FTP program, Serv-U, allows you to configure it so that when a passive FTP session is initiated, it tells the client to connect on port XXXX of the public IP address instead of the local (i.e., 192.168... address). It's working fine. But now I can't seem to find out how to accomplish the same thing with Linux and wu-ftpd.

I've studied the logs of the ftp clients I've been using to test the setup, and I can connect, list, etc. just fine. But as soon as I initiate a passive download, the Linux server always tells the client to connect to 192.168.0.14:xxxx, where xxxx is a port number in the range I've configured. Does anyone know how to do this?

 

[rninja]

Well I do know it is easy to accomplish with linux and proftpd. You can get proftp from proftpd.net, the in the proftpd.conf file, set the directive MasqueradeAddress and then PassivePorts 60000 65535. This should work for you. Rninja

http://www.rninja.com

 

[ifincham]

Hi,

As far as I recall you put something like this in your /etc/ftpaccess file:

passive address 172.16.16.1 192.168.0.0/24

(172.16.16.1 is an example of an address to use for the 192.168.0.0/24 subnet)

Regards

 

[EdLeafe]

Thanks, ifincham, that's the command that was needed. I think I wasted a day searching the web for that info!

I also looked into proftpd, and it seems like a much better option that wu-ftpd. Is that a general consensus, or is there a reason to prefer wu-ftpd?

 

[ifincham]

Hi,

Yes.. I think most people agree that proftpd is preferred to wuftpd. Its generally easier to configure and better documented.

Regards