Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Smoothwall blocks FTP access

Status
Not open for further replies.
gkdog

gkdog

Technical User
Dec 8, 2002
34
AU
I've hooked up smoothwall to protect a small network and everything works OK except that I can't access my FTP server from the internet (red zone).
I have allowed access to Ports 80 (HTTP) and 21 (FTP) and also forwarded the the ports to the relevent server.
The Web server works fine (IIS) but FTP doesn't. FTP works fine when accessed from within my network (green zone).
Does anybody have any ideas ?

Regards GKDOG
 
Sort by date Sort by votes
Hi,

When you try ftp from internet to port 21, what error msg did you get? Can you put log entry on your rules to lock any ftp attempt?

You need port 20 open as well for data (active mode). Passive mode you dont have to open port 20.

regards,
feroz
 
Upvote 0 Downvote
The following error was encountered :-

Read Error
The system returned:

(131) Connection reset by peer
An error condition occurred while reading data from the network. Please retry your request.


You might want to try yourself (ftp://kipper.mine.nu)

 
Upvote 0 Downvote
Hi,

Is your ftp server open 24/7? Have you try turn on the LOG on your firewall rule for port 21 as well as 20?

regards,
feroz
 
Upvote 0 Downvote
The following ports are enabled for access:-

TCP ALL 113
TCP ALL 80
TCP ALL 21
TCP ALL 81
TCP ALL 445
TCP ALL 20

Ports are forwarded :-

TCP 80 10.10.1.1 80
TCP 21 10.10.1.1 21
TCP 20 10.10.1.1 20

I can't see what is wrong ...............

GKDOG
 
Upvote 0 Downvote
FTP doesn't just use one port.

If you are using active FTP, the server must listen on ports 20 (the data port) and 21 (the command port)

If you are using passive FTP, the server must listen on port 21 (the command port) and a second non-privileged port which is not static.

Take a look here for what is going on with FTP and ports:
Support for passive FTP requires that the firewall employ stateful inspection in order to know which ports it needs to open for the data connection from the client to the server.

Want the best answers? Ask the best questions: TANSTAAFL!
 
Upvote 0 Downvote
Checking the IIS FTP logs It reports that a connection was made etc - in fact it looks like everything should have been OK
It's very strange........
I'm at a loss
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Soopa
  • Locked
  • Question
FTP Servers and Time Stamps
Replies
0
Views
91
Soopa
Soopa
TSch
  • Locked
  • Question
NSS Volumes: Problem with Access Rights
Replies
0
Views
85
TSch
TSch
lorel
  • Locked
  • Question
Another ftp problem.
Replies
6
Views
105
vodkadrinker
vodkadrinker
tomwe
  • Locked
  • Question
access second partiton on array
Replies
3
Views
86
motoslide
motoslide
weberm
  • Locked
  • Question
Uploading files via FTP OK, but SFTP is not
Replies
10
Views
135
weberm
weberm

Part and Inventory Search

Sponsor

Back
Top