Hi Pompeychimes,

Yes that works.

DISEEM#telnet 192.168.1.250 21

Trying 192.168.1.250, 21 ... Open

220 Wing FTP Server ready... (UNREGISTERED WING FTP SERVER)

Simon

Now source it from the outside interface of the Router...

telnet 192.168.1.250 21 /source-interface atm0.1

what happens?

Same thing, seems to be fine.

DISEEM#telnet 192.168.1.250 21 /source-interface atm0.1

Trying 192.168.1.250, 21 ... Open

220 Wing FTP Server ready... (UNREGISTERED WING FTP SERVER)

OK, from device on the Internet or a site like this http://ping.eu/port-chk/ try to open ftp. Meanwhile on the router look at the output of the "sh ip nat trans" command. Do you see a translation for your ftp attempt?

This is what I got:

(I changed my ip address)

tcp 198.200.18.60:51006   192.168.1.39:51006    77.238.187.43:80      77.238.187.43:80

tcp 198.200.18.60:51007   192.168.1.39:51007    77.238.187.43:80      77.238.187.43:80

tcp 198.200.18.60:51008   192.168.1.39:51008    77.238.187.43:80      77.238.187.43:80

tcp 198.200.18.60:20      192.168.1.250:20      ---                   ---

tcp 198.200.18.60:21      192.168.1.250:21      88.198.46.51:35611    88.198.46.51:35611

tcp 198.200.18.60:21      192.168.1.250:21      88.198.46.51:35627    88.198.46.51:35627

tcp 198.200.18.60:21      192.168.1.250:21      ---                   ---

tcp 198.200.18.60:22      192.168.1.250:22      ---                   ---

tcp 198.200.18.60:51521   192.168.1.250:51521   76.164.220.46:80      76.164.220.46:80

tcp 198.200.18.60:51522   192.168.1.250:51522   76.164.220.46:80      76.164.220.46:80

Pro Inside global         Inside local          Outside local         Outside global

tcp 198.200.18.60:65163   192.168.1.250:65163   77.234.43.55:80       77.234.43.55:80

tcp 198.200.18.60:65168   192.168.1.250:65168   208.43.71.133:80      208.43.71.133:80

tcp 198.200.18.60:65169   192.168.1.250:65169   184.169.78.96:80      184.169.78.96:80

tcp 198.200.18.60:65170   192.168.1.250:65170   184.169.78.96:80      184.169.78.96:80

tcp 198.200.18.60:65171   192.168.1.250:65171   184.169.78.96:80      184.169.78.96:80

tcp 198.200.18.60:65172   192.168.1.250:65172   173.194.41.174:80     173.194.41.174:80

I'll assume these are your attempts...

tcp 198.200.18.60:21      192.168.1.250:21      88.198.46.51:35611    88.198.46.51:35611

tcp 198.200.18.60:21      192.168.1.250:21      88.198.46.51:35627    88.198.46.51:35627

If so it looks good.

Is your FTP Server's DFG 192.168.1.254?

What actually happens when you attempt the FTP. Does is just hang, do you get a header, a prompt for credentials maybe, etc...

James

Hi james,

Yes.

It gives me :

500 Connection refused (Winsock error #10061) which is odd, because it works from inside to username and password definitely correct.

How does one do PMs in here? Maybe I can give you access and you could try from your end?

Thanks,

Simon

I was able to login. I replied to your PM.

its so bizzare, I still can't. I tried with FTP Commander and filezzila and a different internet line. I am using windows 7. Could windows block something? Although I can log onto other FTP servers. So odd

hi,

could you re-configure static NAT to use the WAN IP instead and try again from outside? make sure FW/AV are disabled when doing your test.

no ip nat inside source static tcp 192.168.1.250 21 interface ATM0.1 21

ip nat inside source static tcp 192.168.1.250 21 198.200.18.60 21

Hi John,

I have done this but still now joy. same problem. I did check the port is open etc.

Thanks,

Simon

hi simon,

i guess your config should be ok. i think your next option would be an IOS upgrade.