NAT and FTP

shibindong
Level 1

We have 2 routers like this:

R1--------(NAT outside)R2(NAT inside), and there is an FTP server behind R2; its IP address is 172.16.20.9. When someone from R1 tried connecting to it, they got a "503 not logged in" error msg. We configured our FTP server for anonymous login, and after we removed the NAT configuration on R1, the problem disappeared. May I ask what causes the FTP not to work and what the solution is? We still need our NAT anyway.

thanks

3 Replies

kamal-learn
Level 4

Hi,

Can you post the NAT config of both routers!!

I think you have to statically NAT your FTP server so it will have a static fixed address, because if you don't do so, maybe it will be using another address that is different from the one you are using to reach it!!

HTH

do rate if it does clarify

R1

interface FastEthernet0/0
 ip address 10.16.20.8 255.255.255.0 secondary
 ip address 172.16.20.8 255.255.255.0
 no ip redirects
 no ip proxy-arp
 ip accounting output-packets
 ip nat outside
 duplex auto
 speed auto
!
interface Serial0/0/0
 bandwidth 1024
 ip address 12.4.3.1 255.255.255.252
 ip accounting output-packets
ip nat pool test_5 10.16.20.7 10.16.20.7 netmask 255.255.255.0
ip nat inside source list 182 pool test_5 overload
!
access-list 182 permit ip 196.69.0.0 0.0.255.255 10.16.20.0 0.0.0.255

-------------------------------------------

R2

interface FastEthernet0/0
 ip address 172.16.228.10 255.255.255.0

This is kinda confusing with your first post. You say the server is behind R2 and has an address of 172.16.20.9. That interface is on fa 0/0 on R1 from your above post.

Now looking at what you have here, you are saying: when any traffic goes out fa 0/0 and has a source address in 196.69.0.0/16 going to an address in 10.16.20.0/24, change the 196.69.x.x address to 10.16.20.7 with overload.

You have a couple of problems with this, in that this address is on the same segment as your LAN. How will the machines know to send 10.16.20.7 back to the router? You can make this work, but you would have to enable proxy ARP and either put a route in to null0 for 10.16.20.7 or put it on a loopback interface.

Even if you fix this, it is still not your problem if you are going from an outside NAT interface to an inside one. You must put in an IP NAT INSIDE STATIC so that the mapping is in the NAT table. The pooled one is only used for traffic going from inside to outside.
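
The last reply's point, that a pooled (overload) translation only exists once inside-to-outside traffic has created it while a static entry is always in the table, modelled as an added Python sketch that is not part of the thread. The `NatTable` class and every address except 172.16.20.9 are constructed for illustration, and the model ignores protocol and remote endpoint.

```python
class NatTable:
    """Simplified NAT table: static one-to-one entries plus overload (PAT) entries."""

    def __init__(self, pool_ip):
        self.pool_ip = pool_ip
        self.static = {}    # inside global IP -> inside local IP (always present)
        self.dynamic = {}   # (pool IP, global port) -> (inside local IP, local port)
        self.next_port = 1024

    def add_static(self, inside_local, inside_global):
        self.static[inside_global] = inside_local

    def outbound(self, src_ip, src_port):
        """Inside host opens a connection; returns the translated (ip, port)."""
        for inside_global, inside_local in self.static.items():
            if inside_local == src_ip:
                return (inside_global, src_port)
        # No static entry: allocate a port on the pool address (overload).
        key = (self.pool_ip, self.next_port)
        self.next_port += 1
        self.dynamic[key] = (src_ip, src_port)
        return key

    def inbound(self, dst_ip, dst_port):
        """Packet arriving from outside; returns inside (ip, port) or None (dropped)."""
        if dst_ip in self.static:
            return (self.static[dst_ip], dst_port)
        return self.dynamic.get((dst_ip, dst_port))


def demo():
    nat = NatTable(pool_ip="192.0.2.7")            # constructed pool address
    # Outside client connects to the pool address on the FTP control port:
    # nothing inside has created an entry, so there is nothing to match.
    before = nat.inbound("192.0.2.7", 21)
    # Inside host initiates: a dynamic entry appears and its replies get back in.
    translated = nat.outbound("172.16.20.50", 40000)   # constructed inside host
    reply = nat.inbound(*translated)
    # Static mapping for the FTP server: outside-initiated traffic now matches.
    nat.add_static("172.16.20.9", "192.0.2.9")     # 192.0.2.9 is constructed
    after = nat.inbound("192.0.2.9", 21)
    return before, translated, reply, after


if __name__ == "__main__":
    print(demo())
```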