Forwarding FTP Ports (DST-NAT) Passive mode
Posted: Wed Mar 14, 2007 6:04 am
I've been forwarding FTP to an internal FTP server for years and it's worked fine. I forward external ports 20-21 to internal ports 20-21. The FTP client log displays the external IP (assuming the IP is x.x.x.x)
227 Entering Passive Mode (x,x,x,x,22,72).
We have a blackberry user that needs to connect to our FTP but the blackberry service blocks port 21. We've setup a separate FTP service in IIS on port 5700. We've tested internally and it works but externally it doesn't. I've forwarded external ports 5699-5700 to internal 5699-5700 and when the client connects there are 2 weird things about it
1. Uses the internal IP instead of external in the client log:
227 Entering Passive Mode (192,168,10,10,22,68).
2. Gives the error:
Response: 425 Can't open data connection.
Error: Could not retrieve directory listing
I've tried narrowing down the # of ports that PASSV transfer uses (http://support.microsoft.com/?id=555022) and forwarding those ports too but it doesnt make a difference. Anyone out there had luck with this?
227 Entering Passive Mode (x,x,x,x,22,72).
We have a blackberry user that needs to connect to our FTP but the blackberry service blocks port 21. We've setup a separate FTP service in IIS on port 5700. We've tested internally and it works but externally it doesn't. I've forwarded external ports 5699-5700 to internal 5699-5700 and when the client connects there are 2 weird things about it
1. Uses the internal IP instead of external in the client log:
227 Entering Passive Mode (192,168,10,10,22,68).
2. Gives the error:
Response: 425 Can't open data connection.
Error: Could not retrieve directory listing
I've tried narrowing down the # of ports that PASSV transfer uses (http://support.microsoft.com/?id=555022) and forwarding those ports too but it doesnt make a difference. Anyone out there had luck with this?