Passive ftp - forward port range on a 2821 router

Unanswered Question
Jun 28th, 2007

Hi all,

Lately, I've been configuring our new 2821 router and the ftp part is causing me some serious headaches. I would really really appreciate any help ;)

So, to start from the beginning...

I'd like to give access from the internet to our ftp server using passive mode (active mode works fine)

For the moment, it goes as follows:

Ftp-data connections from client to server should use ports 40000-41000

the access-list includes :

permit tcp any host 212.68.206.34 eq ftp-data

permit tcp any host 212.68.206.34 eq ftp

permit tcp any host 212.68.206.34 range 40000 41000

inspection rule includes ftp

the problem is how to do a port forwarding from the external interface to the inside server.

I've added the following

ip nat inside source static tcp 192.168.x.x 40000 interface GigabitEthernet0/1 40000

till port 40010

and it's working fine. However, I need to forward the entire range 40000-4100. Is there a way to do this without adding all entries one by one?

Many thanks for your reply,

Elena

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
bwalchez Thu, 07/05/2007 - 06:31

As you know that FTP server that communicates with CUE must support passive FTP requests. I think you can forward the entire range 40000-4100.

Actions

This Discussion