
FTP and NAT static on CSM

irodi
Level 1

Hi,

I have a problem with FTP from a server that tries to connect via FTP to another IP, crossing the CSM. This server is statically NATed by the CSM.

Example:

    module ContentSwitchingModule 7
    !
     static nat 161.1.1.1
      real 10.10.10.1
      real 10.10.10.2
    !

Of course the flow coming from 10.10.10.1 crosses the CSM, then we have the NAT, and this is OK.

From 10.10.10.1 I do an FTP to another server, 20.20.20.1. I enter the password and everything goes OK, but when I do DIR I lose the connection because I receive a reset from the CSM.

Is this possible?

Thanks

Ira


Gilles Dufour
Cisco Employee

The problem is that when you do a dir, you need to open a data connection.

In active mode, the server [20.20.20.1] opens the connection back to the client [10.10.10.1], but in this case the client is NATed to [161.1.1.1].

So a connection is opened from 20.20.20.1 to 161.1.1.1, which comes to the CSM, which does not know what to do with this new connection and drops it.

The server [20.20.20.1] is probably sending a RESET back to the client because it can't open a data connection.

If you try passive mode [type passive once the FTP connection is open], it should normally work, as the data connection would be opened by the client itself.

Gilles.
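The active versus passive difference described in the reply above, as an added example that is not part of the original thread: it reads FTP control-channel lines, decodes the address and port in `PORT` commands and `227` replies, and reports which side opens the data connection and whether that connection is a new inbound flow toward a statically NATed host. The two transcripts, the port numbers and the function names are constructed for illustration; the addresses come from the post.

```python
import re

# Static NAT from the post: real (inside) address -> NAT address on the CSM.
STATIC_NAT = {"10.10.10.1": "161.1.1.1", "10.10.10.2": "161.1.1.1"}

def parse_hostport(text):
    """Decode the h1,h2,h3,h4,p1,p2 tuple carried by PORT and by 227 replies."""
    m = re.search(r"(\d+),(\d+),(\d+),(\d+),(\d+),(\d+)", text)
    if not m:
        return None
    n = [int(x) for x in m.groups()]
    if any(v > 255 for v in n):
        return None  # malformed tuple, ignore it
    return ".".join(str(v) for v in n[:4]), n[4] * 256 + n[5]

def data_connections(control_lines, static_nat=STATIC_NAT):
    """Return one record per data-connection negotiation on the control channel."""
    results = []
    for line in control_lines:
        verb = line.strip().split(" ", 1)[0].upper()
        if verb == "PORT":        # active mode: client listens, server connects back
            mode, initiator = "active", "server"
        elif verb == "227":       # passive mode: server listens, client connects out
            mode, initiator = "passive", "client"
        else:
            continue
        hostport = parse_hostport(line)
        if hostport is None:
            continue
        ip, port = hostport
        natted = ip in static_nat or ip in static_nat.values()
        results.append({
            "mode": mode, "initiator": initiator,
            "listen_ip": ip, "listen_port": port,
            # True when the server must open a brand-new connection toward the
            # NATed client; per the reply, the CSM drops that connection.
            "new_inbound_via_nat": mode == "active" and natted,
        })
    return results

# Constructed control-channel transcripts (client commands and server replies).
ACTIVE = ["USER ira", "331 Password required", "PORT 10,10,10,1,19,137", "LIST"]
PASSIVE = ["PASV", "227 Entering Passive Mode (20,20,20,1,195,80)", "LIST"]

if __name__ == "__main__":
    for name, session in (("active", ACTIVE), ("passive", PASSIVE)):
        for record in data_connections(session):
            print(name, record)
```
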