1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

FTP forwarding does not work

Discussion in 'Tomato Firmware' started by Frosty2k8, Sep 19, 2008.

  1. Frosty2k8

    Frosty2k8 Addicted to LI Member

    Hi folks,

    I have a WRT54GL V1.1. @ Tomato 1.21.

    I want to access my FTP-Server from outside(wan) passiv and so i configured portwarding:

    Proto:TCP
    SRC Address: blank
    Ext Ports:21
    Int Ports: 21
    Int Address:192.X.X.X
    NAT Loopback: Forwarded only

    Tracking /NAT Helpers:FTP

    i cant reach my ftp server from the WAN
    when i connect from LAN, i see in the ftp-server log that the WRT54GL (local IP) instead of my PC logs in.

    When i use the original linksys firmware everything works fine... so it could not be my ftp-server or dnydns settings...
     
  2. bripab007

    bripab007 Network Guru Member

    I guarantee you that port forwarding works just fine in Tomato. I've been using it to port forward two different FTP servers across the last four versions of Tomato, so I can assure you it works.

    You've got something configured incorrectly.
     
  3. CaNsA

    CaNsA Network Guru Member

    Spot on there matey.



    Frosty, u aint told the router as to which port u are forwarding it to

    Proto:TCP
    SRC Address: blank
    Ext Ports:21
    Int Ports: 21
    Int Address:192.xxx.xxx.xxx
    NAT Loopback: Forwarded only

    Give that a try.

    Also depending on the server software u are using there may be a UPnP option that might need disabe/enabling.
     
  4. jersully

    jersully LI Guru Member

    What am I missing?
     
  5. CaNsA

    CaNsA Network Guru Member

    --------------------------------------------------------------------------------
    Last edited by Frosty2k8; 09-19-2008 at 04:10 PM.
     
  6. Frosty2k8

    Frosty2k8 Addicted to LI Member

    Well I flashed back to original Linksysfirmware and everthings works fine...

    now i switched back to tomato 1.21, ftp port forwarding doesnt work..
    maybe Tomato requires also to forward port 20 ??
     
  7. Toxic

    Toxic Administrator Staff Member

    your server does have a static IP yes?
     
  8. Frosty2k8

    Frosty2k8 Addicted to LI Member

    Yes static IP via Tomato DHCP static..
    just check it again, leased IP is correct...
     
  9. mstombs

    mstombs Network Guru Member

    Have you tried enabling the FTP nat helper, under Advanced Conntrack/Netfitler Tracking / NAT Helpers, maybe its enabled by default in Linksys firmware.

    If testing locally check the setting of "Nat Loopback" (inverse of Internet nat redirection in Linksys firmware).
     
  10. Frosty2k8

    Frosty2k8 Addicted to LI Member

    Yes NAT Helper is enabled, but it still does not work
     
  11. bripab007

    bripab007 Network Guru Member

    This parts seems pretty telling: "when i connect from LAN, i see in the ftp-server log that the WRT54GL (local IP) instead of my PC logs in."

    So, are you using the IP address of the FTP server to connect to it or are you using your external, dynamic DNS name? When you connect from the inside/LAN with the stock Linksys firmware, does the FTP server log still show the router's IP address as being the machine connected or does it show your local workstation?
     
  12. Frosty2k8

    Frosty2k8 Addicted to LI Member

    Well I do the following:
    Tomato 1.21:
    1.From WAN i connect via browser FTP://user:password@example.dyndns.org
    I will see a blank page with the title "example.dyndns.org"
    2.From WAN i connect via ftp-software "smartftp" --> I get the message, connection refused by host....
    3. From WAN i connect via windows ftp --> cmd-> ftp
    this will work

    Original firmware:
    All ways work

    From LAN i connect via FTP://user:password@example.dyndns.org --> so now i see thats the reason why the local address apperas in the ftp server log...
     
  13. bripab007

    bripab007 Network Guru Member

    So, this whole time I thought you were saying that you could not connect to the FTP from WAN at all. Period.

    But you're saying that it works fine when using Windows FTP/Internet Explorer browser? That makes me think you've configured your FTP clients incorrectly or something. I've used SmartFTP, Filezilla, Transmit and IE 7.0/Windows FTP to connect to my FTP server through Tomato.

    I don't really know what you've got configured incorrectly, but it's definitely something. At this point, it sounds to me like it's a problem with your FTP clients.
     
  14. Toxic

    Toxic Administrator Staff Member

    try setting your FTP Server with a Static IP (not via DHCP) and see if forwarding works.
     
  15. bripab007

    bripab007 Network Guru Member

    Good call, Toxic, I actually had something similar happen with my old FTP server; it demanded to have an IP assigned statically instead of via DHCP.
     
  16. rkloost

    rkloost Addicted to LI Member

    FTP uses TCP port 21 for the command connection and used to use tcpport 20 for data connection. When using passive FTP, you can lock data channel to a portrange (as small as possible) by example tcp ports 30000-30010.

    So forward 21,20,30000-30010 to your server and it should work. (Works at least on cerberus ftp-server for windows (wuftp and vsftpd should be fine too).

    Regards,
    Ruud
     

Share This Page