11-13-2002 06:26 AM - edited 03-02-2019 02:50 AM
Hi, first thanks for all the quick replies I received on my previous post. Will have a look at it but first have to solve this very urgent :-(.
The server 10.101.32.43 can not set up an ftp session. But all the rest works (people can access the server,...)
The config: (at the end you see 'show ip nat translations')
interface FastEthernet0/0
description LAN
ip address 10.101.166.1 255.255.255.0
no ip redirects
ip nat inside
ip pim sparse-dense-mode
speed 100
full-duplex
no cdp enable
!
interface Serial1/0:1
description LL to Skynet 2 MB
bandwidth 2048
ip address 194.78.151.2 255.255.255.252
ip nat outside
no cdp enable
!
ip nat pool jon 194.78.151.2 194.78.151.2 netmask 255.255.255.252
ip nat inside source list 3 pool jon overload
ip nat inside source static 10.101.32.43 194.78.151.2
ip classless
ip route 0.0.0.0 0.0.0.0 194.78.151.1
ip route 10.101.32.0 255.255.248.0 10.101.166.3
no ip http server
no ip pim bidir-enable
!
!
access-list 3 permit 10.101.32.3
access-list 3 deny 10.101.32.43
SHOW IP NAT TRANSLATIONS GIVES THE FOLLOWING:
Pro Inside global Inside local Outside local Outside global
--- 194.78.151.2 10.101.32.43 --- ---
tcp 194.78.151.2:21 10.101.32.43:21 62.190.122.92:57514 62.190.122.92:5751
4
tcp 194.78.151.2:49302 10.101.32.3:49302 194.78.47.45:21 194.78.47.45:21
tcp 194.78.151.2:49303 10.101.32.3:49303 194.78.47.45:21 194.78.47.45:21
BRURT1401#sh ip nat trans
Pro Inside global Inside local Outside local Outside global
--- 194.78.151.2 10.101.32.43 --- ---
tcp 194.78.151.2:21 10.101.32.43:21 62.190.122.92:57514 62.190.122.92:5751
4
tcp 194.78.151.2:49302 10.101.32.3:49302 194.78.47.45:21 194.78.47.45:21
tcp 194.78.151.2:49303 10.101.32.3:49303 194.78.47.45:21 194.78.47.45:21
tcp 194.78.151.2:49304 10.101.32.3:49304 194.78.47.45:21 194.78.47.45:21
tcp 194.78.151.2:49305 10.101.32.3:49305 194.78.47.45:21 194.78.47.45:21
tcp 194.78.151.2:49306 10.101.32.3:49306 194.78.47.45:21 194.78.47.45:21
11-13-2002 08:18 AM
Sounds like you need to turn off passive FTP (PASV). If the server is a Unix box / you have a command line ftp program, just after you connect try typing PASV.
Should fix it...
11-18-2002 12:48 PM
When NAT-ing the outside server generally will have problem establishing the data channel (port 20) from the outside to the inside (client). A workaround is normally to use ftp in pasive mode.
Ftp in passive mode is described in many places here's one:
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: