Routing multiple FTP servers

Discussion in 'Server Operation' started by koroshiya1, Jul 26, 2006.

  1. koroshiya1

    koroshiya1 New Member

    Hi there (never mind the grammar in this post)

    I have got this problem with my second ftp server.

    My first ftp server works fine. I forwarded port 21 on my router (NAT) to my first server and it works.

    Now my second ftp server cannot use port 21, right?
    So I configured it at port 79 and did a forwarding on my router to my second ftp server on port 79.

    I also made a port range forwarding to my second ftp server (for passive connections)

    192.168.1.54 (first FTP)
    192.168.1.60 (second FTP)

    **nat table snippet**
    21 -> 21 192.168.1.54
    79 -> 79 192.168.1.60
    40000:40100 192.168.1.60
    **nat table snippet**

    I configured the ftp server with 2 daemons (I never run them at the same time)

    vsftpd (very secure ftp daemon)
    pure-ftpd (pure..)

    On intranet 192.168.1.x clients can login to both servers,
    doesn't matter which daemon I run

    I configured vsftpd like this:
    **************************************
    anonymous_enable=YES
    local_enable=YES
    write_enable=YES
    local_umask=022
    dirmessage_enable=YES
    xferlog_enable=YES
    connect_from_port_20=NO
    xferlog_std_format=YES
    ftpd_banner=Welcome to FTP server 2
    pasv_enable=YES
    pasv_promiscuous=YES
    pasv_min_port=40000
    pasv_max_port=40100
    pasv_address=192.168.1.60
    pam_service_name=vsftpd
    userlist_enable=YES
    listen=YES
    listen_port=79
    tcp_wrappers=YES
    *******************************************


    And pure-ftp like this:
    *******************************************

    ChrootEveryone yes

    BrokenClientsCompatibility no
    MaxClientsNumber 50
    Daemonize yes
    MaxClientsPerIP 8
    VerboseLog no
    DisplayDotFiles yes
    AnonymousOnly no
    NoAnonymous no
    SyslogFacility ftp
    DontResolve yes
    MaxIdleTime 15
    LimitRecursion 2000 8
    AnonymousCanCreateDirs no
    MaxLoad 4

    DefaultAddress 192.168.1.60
    PassivePortRange 40000 40100
    ForcePassiveIP (ip from ISP)

    AntiWarez yes
    Bind 192.168.1.60,79

    Umask 133:022
    MinUID 100
    AllowUserFXP yes
    AllowAnonymousFXP no
    ProhibitDotFilesWrite no
    ProhibitDotFilesRead no
    AutoRename no
    AnonymousCantUpload no
    MaxDiskUsage 99
    CustomerProof yes
    *******************************************

    Now the problem is :)
    I can't contact my second ftp server from the outside (internet)
     
  2. falko

    falko Super Moderator

    Did you tell your FTP clients to use port 79? Did you try both active and passive transfers in your FTP clients?
     
  3. koroshiya1

    koroshiya1 New Member

    Yes I did. I tested from my house and made a php script to test it remotely from "outside" while I'm at work (working on intranet). Tested the script and manual login on my other FTP server and it works.
     
  4. falko

    falko Super Moderator

    Do your firewalls (on the router and your server) allow connections to port 79?
     
  5. koroshiya1

    koroshiya1 New Member

    Yes they do...
     
  6. falko

    falko Super Moderator

    What's the output of
    Code:
    netstat -tap
    and
    Code:
    iptables -L
    on the server where you run FTP on port 79?
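
As an added example (not code from any poster in this thread), this Python check lints the passive-mode part of the vsftpd configuration against the NAT table from the first post: the listening port and the passive range must be forwarded to the server, and `pasv_address`, which vsftpd advertises in its PASV replies, should not be a private address when clients connect from the Internet. The function names, the `server_ip` parameter and the parsing of the NAT table layout are assumptions made for this example.

```python
import ipaddress

# Constructed sample input: passive-mode lines of the vsftpd config and the
# router NAT table, both copied from the first post of the thread.
VSFTPD_CONF = """\
listen_port=79
pasv_min_port=40000
pasv_max_port=40100
pasv_address=192.168.1.60
"""
NAT_TABLE = """\
21 -> 21 192.168.1.54
79 -> 79 192.168.1.60
40000:40100 192.168.1.60
"""

def parse_conf(text):
    """Return vsftpd key=value settings as a dict."""
    lines = (l for l in text.splitlines() if "=" in l and not l.startswith("#"))
    return {k.strip(): v.strip() for k, v in (l.split("=", 1) for l in lines)}

def parse_nat(text):
    """Return (first_port, last_port, internal_ip) tuples (assumed layout)."""
    rules = []
    for fields in (l.split() for l in text.splitlines() if l.strip()):
        lo, _, hi = fields[0].partition(":")
        rules.append((int(lo), int(hi or lo), fields[-1]))
    return rules

def forwarded(rules, lo, hi, host):
    """True if one rule sends the whole port range lo..hi to host."""
    return any(a <= lo and hi <= b and ip == host for a, b, ip in rules)

def check(conf_text, nat_text, server_ip):
    """Return a list of findings; server_ip is the FTP host's LAN address."""
    conf, rules = parse_conf(conf_text), parse_nat(nat_text)
    findings = []
    port = int(conf.get("listen_port", 21))
    if not forwarded(rules, port, port, server_ip):
        findings.append(f"control port {port} is not forwarded to {server_ip}")
    lo, hi = int(conf.get("pasv_min_port", 0)), int(conf.get("pasv_max_port", 0))
    if not forwarded(rules, lo, hi, server_ip):
        findings.append(f"passive range {lo}-{hi} is not forwarded to {server_ip}")
    addr = conf.get("pasv_address")
    if addr and ipaddress.ip_address(addr).is_private:
        findings.append(f"pasv_address {addr} is private; Internet clients cannot reach it")
    return findings

if __name__ == "__main__":
    print("\n".join(check(VSFTPD_CONF, NAT_TABLE, "192.168.1.60")))
```

On the posted settings the port forwards line up and the only finding is the private `pasv_address`; the pure-ftpd configuration in the same post sets `ForcePassiveIP` to the ISP-assigned address instead.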
     
