12-09-2005 09:24 AM - edited 03-05-2019 11:43 AM
Hi,
I have a 1841 router with NAT for Internet access.
I have an ftp server (port 21) on the inside LAN. I want this server to be available from the Internet.
I added:
"ip nat inside source static tcp 10.1.5.12 21 xxx.xxx.xxx.xxx 21 extendable"
to the config but it does not work. xxx.xxx.xxx.xxx is the public fixed IP address.
Any ideas ?
12-09-2005 12:59 PM
Hello,
the NAT statement looks ok, can you post the entire configuration of your router ?
Regards,
GP
12-10-2005 09:39 AM
Hi there,
this could be a problem related to how FTP works in general. I assume clients can connect, but then not download? Well you need also FTP-DATA (TCP 20) which is used for downloading natted to your server.
This still leaves you with clients not able to download in case they are set to use passive FTP. In this case download will be client initiated to an arbitrary TCP port your 1841 has not NAT translation for.
Generally FTP Server and client being behind NAT does not work in most cases. Have a look at RFC 1579 Firewall Friendly FTP for a detailed explanation.
Basically you need an official IP address for an FTP server or an application aware Firewall/NAT to have no hassle.
Regards
Martin
12-11-2005 10:01 PM
Hi
Try this out
Ip nat outside source static tcp xxx.xxx.xxx.xxx
10.1.5.12
dont forget add
""ip nat inside"" and ""ip nat outside"" at the ethernet and your wan link....
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide