I am trying to configure a SR520-ADSL-K9 in order to access from outside (internet) an internal FTP server (by an FTP client with passive connection). Actually, it is a single server installation (small site) which besides FTP services, supports active directory, file services etc.
I am using CCA because I have no experience with CLI.
I configured NAT in order port 21 to point to my internal address (192.168.100.2) at the same port. This server's vlan (vlan100) belongs to inside zone.
When the firewall is active (even with the "low" protection setting) I cannot work fully with this FTP server (I can list directories but I can 't upload or dowload files). Of course, everything works fine if the firewall is disabled.
I gave it a try by putting this server in the DMZ zone and it worked (accessing the FTP server from outside), but since it's a single server with many services I had other problems with the internal LAN (vlan100) that made my installation complicated so DMZ seems not an option.
Since I did many tests I beleive that CCA cant help me any more achieving what I wish to do. So the question is:
Can I do it with CLI ? If someone can help me it would be very much appreciated (as I said, I have no experience on CLI so a detailed help will help)
Find attached current configuration with firewall on at medium level and failing FTP passive access from outside.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...