03-16-2005 09:04 PM - edited 03-03-2019 09:04 AM
I think I have a problem with either my router.
I can not seem to connect to any ftp sites. I had a power failure a week or so back that out lasted my UPS. Ever since then I have been unable to ftp out.
I am not sure if my router has lost some settings or what.
I have checked my configs and everything looks fine. my network is as follows:
WWW
|
| (public IP 1)
| (public ip 2 for port forwarding)
| (FE0/0)
Cisco 2621 Dual Fast Ethernet
| (FE0/1)
| (192.168.10.10)
|
Catalyst 5002 (12 port 10/100 module)(192.168.10.11)(single Vlan)
|...................................................|
SBS2k3 (192.168.10.12) 2000 server (192.168.10.55)
|
SBS clients (192.168.20.x)
Neither the the sbs box, the 2k server, or any of the sbs clients can ftp out. The 2k server is in it's own workgroup and not part of the
sbs domain.
Also I used to have a the ftp ports forwarded to my SBS IP but I took that out of the config. This was because I killed the ftp service when I rebuilt my SBS server. Since then I erected the 2000 server outside the SBS domain and used it to ftp data to and from other sites. Prior to me removing the ftp port forwarders the 2000 server could not establish ftp connections to the outside world. Afterwards, everything worked fine for months, until sometime around the power outage!
So that is why I am inclined to think something has gone wrong with my router.
If anyone think they can assist me I'd be greatful.
Below is my router config:
Current configuration : 2450 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname ROUTER
!
enable secret xxxxxxxxxxxxxxxxxxxxxxxxx
enable password xxxxxxxxxxxxxxxxxxxxxxx
!
memory-size iomem 15
clock timezone EST -5
ip subnet-zero
!
ip name-server my.isp.name.server1
ip name-server my.isp.name.server2
ip name-server 192.168.10.12
!
voice call carrier capacity active
!
mta receive maximum-recipients 0
!
interface FastEthernet0/0
description connected to World Wide Web
ip address my.pub.ip.add1 a.b.c.d
ip access-group 110 in
ip nat outside
speed auto
half-duplex
!
interface FastEthernet0/1
description Connected to SBS 2003 Proliant ML530 3Com NIC
ip address 192.168.10.10 255.255.255.0
ip nat inside
speed 100
full-duplex
!
router rip
version 2
redistribute connected
passive-interface FastEthernet0/0
network 192.168.10.0
network my.isp.ip.net
no auto-summary
!
ip nat inside source list 1 interface FastEthernet0/0 overload
ip nat inside source static 192.168.10.12 my.pub.ip.add2
ip classless
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
no ip http server
!
access-list 1 permit 192.168.10.0 0.0.0.255
access-list 1 permit 192.0.0.0 0.255.255.255
access-list 100 permit ip any any
access-list 101 permit tcp any any established
access-list 110 permit gre any host my.pub.ip.add2
access-list 110 permit tcp any host my.pub.ip.add2 eq 1723
access-list 110 permit tcp any host my.pub.ip.add2 eq www
access-list 110 permit tcp any host my.pub.ip.add2 eq pop3
access-list 110 permit tcp any host my.pub.ip.add2 eq 1080
access-list 110 permit tcp any host my.pub.ip.add2 eq 3389
access-list 110 permit tcp any host my.pub.ip.add2 eq smtp
access-list 110 permit tcp any host my.pub.ip.add2 eq 443
access-list 110 permit tcp any host my.pub.ip.add2 eq 444
access-list 110 permit tcp any any established
access-list 110 permit udp any eq domain any
access-list 110 permit udp any any eq domain
!
call rsvp-sync
!
mgcp profile default
!
dial-peer cor custom
!
line con 0
exec-timeout 0 0
password xxxxxxxxxxxxxxxxxxxx
login
line aux 0
line vty 0 4
password xxxxxxxxxxxxxxxxxxxxx
login
!
ntp clock-period 17180050
ntp server 192.5.41.41
!
end
03-17-2005 07:44 PM
hi
can u chek u r ACL conf which reads like this
access-list 1 permit 192.168.10.0 0.0.0.255
access-list 1 permit 192.0.0.0 0.255.255.255
r u really using the second block in any part of ur network ??
but i c tht ur ntp server falls under tht category but i dont c tht block is anywhere being configured in ur router.
if its not reqd can u remove tht particular block from access list and chek whether u r able to do out..
try to use some freewares for ftping which would also help u to isolate the exact cause for this ...
regds
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide