nat & ftp problem ??

[RandyRiegel]

I have some windows machines in a network and recieve internet access via NAT using the following commands:

modprobe iptable_nat
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward

When I try to FTP to a system outside of our network I always get some type of error saying something like: (The following is from PureFTPd)

500 I won't connect to 192.100.100.6 (on to xx.xxx.124.150)
425 No data connection

It's like my local IP address is not getting translated correctly before being send. I can ftp from the linux server fine. Any ideas?

Randy

 

[RhythmAce]

In addition to ftp port 21, you will also need to open/forward port 20 which is ftp's data port. If that isn't it, then it's something else.

 

[RandyRiegel]

I'm pretty sure the port is not blocked, I can actually get logged into my FTP account on the remote server but then when I try to do something like "dir" or something that is when I get the error.

 

[lullysing]

Switch your FTP mode to PASSIVE mode.

Ftp using 2 ports, the NAT will reject the data when ftp is being in active mode. putting it in passive should solve your problem.



_____________________________
when someone asks for your username and password, and much *clickely clickely* is happening in the background, know enough that you should be worried.

 

[RandyRiegel]

how do I put the command line version of FTP (in WinXP) into passive mode. I've tried PASS, PASV, PASSIVE, and some others I've seen while searching the web but those commands don't seem to work.
Randy