Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2362
Views
5
Helpful
1
Replies

FTP server behind RV042 gateway

systemsadminas
Level 1
Level 1

‎11-17-2009 08:16 AM - edited ‎03-04-2019 06:45 AM

Need some help figuring out what my problem is here with NAT not being performed on our data connections using Ability File Server 1.20 (Code-crafters.com) along with the Linksys/Cisco RV042 router.

The server sees and accepts client connections on port 21 fine but can't get an active data connection using PASV or active port assignments. I can log in fine using command-line FTP (and see this in the login window on the server), but actions initiating data-related commands fail with a 425 'Can't open data connection'. Trying to connect to FTP using a browser or My Network places fails outright (probably for the 425)

We're using PASV mode with ports 4990 through 4997, with our gateway being 192.168.1.1. Connections are accepted on port 21,which is forwarded (along with PASV ports) from this gateway to 192.168.1.8, which is the local IP for the server. With the appropriate Internet Options for view in Win Explorer and PASV on, I can't get XP or Win 7 clients to connect either in a browser or as an FTP network place. Same behavior with or without encryption.

From the command prompt, however, I can get a connection fine with or without encryption, but the 425 data connection failure always occurs.

Looking at the AFS log, it is only seeing the gateway's LAN address for the client connections, though on the client side they are being assigned the proper internet IP of our gateway (64.xx.xx.34), and the proper PASV port. It seems that though port 21 is forwarding properly to the FTP server, they are not for the PASV ports, and NAT is not being performed for the data connection such that AFS cannot see the client's IP.

Any idea how I can resolve this?

Labels:
0 Helpful
1 Reply 1

Phillip Remaker
Cisco Employee
Cisco Employee

‎12-16-2009 03:04 PM

FTP open a separate TCP connection for data.  The port 21 TCP conection is the control channel.

For PASV to work, you also need to map the TCP range of 4990 through 4997 to 192.168.1.8.  It is not clear to me if you did that.

The active FTP should work since in that case the file server would open a conenction to you.

The conenction from the command prompt is always on port 21.  When you initiate a file transfer, it opens a new. separate TCP connection.

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card