cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
719
Views
0
Helpful
3
Replies

port forwarding for PASV ftp

shoebwk
Level 1
Level 1

hello i need to forward a range of port to my PASV ftp server. The range include 50000-50100. how do i accomplish this on my 800 series router

regards

shoeb

3 Replies 3

Hello Shoeb,

as long as you are noy blocking TCP ports >1023, your passive FTP should work. I assume the FTP server is sitting on the local network off your Cisco 800 ? Can you post the config of your router ?

Regards,

GP

yes my FTP server is sitting on the local network behind the router

this is my config

-----------------------------------------------

Current configuration:

!

version 12.1

no service pad

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname edi-ISDN

!

enable secret level xxxx

!

!

!

!

!

ip subnet-zero

!

ip name-server 213.42.20.20

ip name-server 195.229.241.222

isdn switch-type basic-net3

interface Ethernet0

ip address 192.168.1.254 255.255.255.0

ip nat inside

!

interface BRI0

no ip address

ip nat outside

encapsulation ppp

dialer pool-member 1

isdn switch-type basic-net3

ppp authentication pap callin

!

interface Dialer1

ip address 213.12.x.x

ip nat outside

encapsulation ppp

dialer pool 1

dialer idle-timeout 500

dialer string 4004444

dialer hold-queue 10

dialer-group 1

--More--

ppp authentication pap callin

ppp pap sent-username abc password xxx

!

ip nat inside source list 101 interface Dialer1 overload

ip nat inside source static tcp 192.168.1.252 21 interface Dialer1 21

ip nat inside source static tcp 192.168.1.252 20 interface Dialer1 20

ip http server

ip classless

ip route 0.0.0.0 0.0.0.0 Dialer1

!

access-list 101 permit ip 192.168.0.0 0.0.0.255 any

dialer-list 1 protocol ip permit

!

line con 0

password xxx

login

transport input none

stopbits 1

line vty 0 4

password xxx

login

Hello,

can you try and find out if your problem might be related to your FTP server trying to reply with its internal unNATed IP address, when the outside client attempts to use the passive FTP ? I think it is a software setting in the FTP server settings, to have the server reply with a specific IP address (which would be the IP address of your Dialer 1)...

Regards,

GP