Re: FTP server on local LAN - Cisco Community

540

Views

0

Helpful

3

Replies

Hi,

I have a 1841 router with NAT for Internet access.

I have an ftp server (port 21) on the inside LAN. I want this server to be available from the Internet.

I added:

"ip nat inside source static tcp 10.1.5.12 21 xxx.xxx.xxx.xxx 21 extendable"

to the config but it does not work. xxx.xxx.xxx.xxx is the public fixed IP address.

Any ideas ?

3 Replies 3

Hello,

the NAT statement looks ok, can you post the entire configuration of your router ?

Regards,

GP

Hi there,

this could be a problem related to how FTP works in general. I assume clients can connect, but then not download? Well you need also FTP-DATA (TCP 20) which is used for downloading natted to your server.

This still leaves you with clients not able to download in case they are set to use passive FTP. In this case download will be client initiated to an arbitrary TCP port your 1841 has not NAT translation for.

Generally FTP Server and client being behind NAT does not work in most cases. Have a look at RFC 1579 Firewall Friendly FTP for a detailed explanation.

Basically you need an official IP address for an FTP server or an application aware Firewall/NAT to have no hassle.

Regards

Martin

Hi

Try this out

Ip nat outside source static tcp xxx.xxx.xxx.xxx

10.1.5.12

dont forget add

""ip nat inside"" and ""ip nat outside"" at the ethernet and your wan link....

Learn, share, save

Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.

New here? Get started with these tips. How to use Community New member guide

Log in to Community

Review Cisco Networking products for a $25 gift card