| Groups | Blog | Home |
iis ftp : Passive FTP on PPPoE connection
Since a couple of months I've been using IIS 6 as my FTP server on a PPPoE
connection. This setup however has given me headaches for a while now, so I hope someone here can help me out of these problems. The problem is that I can't seem to connect from the internet using passive FTP. I've traced the problem to the 227 command, which returns my local IP address (in the NAT setup). E.g.: '227 Entering Passive Mode (10,2,2,101,6,215).', whereas 10.2.2.101 is my private IP address. Sometimes a reboot could fix the problem, so that the 227 command would return my public IP address. RRAS would then automatically arrange NAT and firewall settings, so in those cases it worked like it should. However, a reboot is far from problem solving and rebooting takes quite a while on the machine. My current setup is like this: The server obtains a public IP using PPPoE (using a raspppoe created connection, this works fine however). I use RRAS for the basic firewall and for NAT. The problem occurs with and without the firewall, so I am sure that the firewall can't cause any problems. I've enabled the FTP service in RRAS, which should take care of everything like forwarding port 20, forwarding the passive port and taking care of the firewall for these ports. Hopefully someone here knows how to deal with IIS 6 Passive FTP in a NAT situation. Perhaps someone could give some more information about the FTP part of the NAT 'engine', since I find there is very few information on that topic. TIA A. Gijsberts
Seeing internal ip address is correct..... I'm curious on how sometime you
get private but other times you got the public IP address from RRAS. Let me summon someone for you : Alun, Alun, Alun !!! -- Regards, Bernard Cheah http://www.tryiis.com/ http://support.microsoft.com/ http://www.msmvps.com/bernard/ [quoted text, click to view] "Arjan Gijsberts" <arjang@ch.tudelft.nl> wrote in message news:%23aiSH0rOFHA.3668@TK2MSFTNGP14.phx.gbl... > Since a couple of months I've been using IIS 6 as my FTP server on a PPPoE > connection. This setup however has given me headaches for a while now, so > I hope someone here can help me out of these problems. > > The problem is that I can't seem to connect from the internet using > passive FTP. I've traced the problem to the 227 command, which returns my > local IP address (in the NAT setup). E.g.: '227 Entering Passive Mode > (10,2,2,101,6,215).', whereas 10.2.2.101 is my private IP address. > Sometimes a reboot could fix the problem, so that the 227 command would > return my public IP address. RRAS would then automatically arrange NAT and > firewall settings, so in those cases it worked like it should. However, a > reboot is far from problem solving and rebooting takes quite a while on > the machine. > > My current setup is like this: The server obtains a public IP using PPPoE > (using a raspppoe created connection, this works fine however). I use RRAS > for the basic firewall and for NAT. The problem occurs with and without > the firewall, so I am sure that the firewall can't cause any problems. > I've enabled the FTP service in RRAS, which should take care of everything > like forwarding port 20, forwarding the passive port and taking care of > the firewall for these ports. > > Hopefully someone here knows how to deal with IIS 6 Passive FTP in a NAT > situation. Perhaps someone could give some more information about the FTP > part of the NAT 'engine', since I find there is very few information on > that topic. > > TIA > > A. Gijsberts > > >
I just solved the IP address issue by changing the local IP (10.2.2.101) to
127.0.0.1 in the RRAS NAT/Firewall config. This setting seems to send the actual IP address the connection was initiated to in the 227 command. In other words, passive works from the internet connecting to the PPPoE address as well as locally, connecting to one of the local IP addresses. However, at this moment the RRAS firewall prevents me from connecting from internet. Disabling the firewall solves all problems, but one can imagine that I would like to enable it. If I remember well, RRAS should open the port chosen by IIS for passive FTP. Does someone have more information how this exactly works? As a (temporary?) workaround, I can specify the port range for passive FTP and open that range in the RRAS firewall. [quoted text, click to view] "Bernard" <qbernard@hotmail.com.discuss> wrote in message news:%23Hq%23r2lPFHA.1528@TK2MSFTNGP09.phx.gbl... > Seeing internal ip address is correct..... I'm curious on how sometime you > get private but other times you got the public IP address from RRAS. > > Let me summon someone for you : Alun, Alun, Alun !!! > > -- > Regards, > Bernard Cheah > http://www.tryiis.com/ > http://support.microsoft.com/ > http://www.msmvps.com/bernard/ > > > "Arjan Gijsberts" <arjang@ch.tudelft.nl> wrote in message > news:%23aiSH0rOFHA.3668@TK2MSFTNGP14.phx.gbl... >> Since a couple of months I've been using IIS 6 as my FTP server on a >> PPPoE connection. This setup however has given me headaches for a while >> now, so I hope someone here can help me out of these problems. >> >> The problem is that I can't seem to connect from the internet using >> passive FTP. I've traced the problem to the 227 command, which returns my >> local IP address (in the NAT setup). E.g.: '227 Entering Passive Mode >> (10,2,2,101,6,215).', whereas 10.2.2.101 is my private IP address. >> Sometimes a reboot could fix the problem, so that the 227 command would >> return my public IP address. RRAS would then automatically arrange NAT >> and firewall settings, so in those cases it worked like it should. >> However, a reboot is far from problem solving and rebooting takes quite a >> while on the machine. >> >> My current setup is like this: The server obtains a public IP using PPPoE >> (using a raspppoe created connection, this works fine however). I use >> RRAS for the basic firewall and for NAT. The problem occurs with and >> without the firewall, so I am sure that the firewall can't cause any >> problems. I've enabled the FTP service in RRAS, which should take care of >> everything like forwarding port 20, forwarding the passive port and >> taking care of the firewall for these ports. >> >> Hopefully someone here knows how to deal with IIS 6 Passive FTP in a NAT >> situation. Perhaps someone could give some more information about the FTP >> part of the NAT 'engine', since I find there is very few information on >> that topic. >> >> TIA >> >> A. Gijsberts >> >> >> > >
It sounds like you're having problems more with RRAS than with FTP - you
should post your question over on the RRAS newsgroups - you might try microsoft.public.win2000.ras_routing [I know you use Windows Server 2003, but you should find someone knowledgeable in all versions of RRAS there]. If you prefer to use the web interface to access this newsgroup, you can do so at http://www.microsoft.com/technet/community/newsgroups/dgbrowser/en-us/default.mspx?dg=microsoft.public.win2000.ras_routing Alun. ~~~~ -- Software Design Engineer, Internet Information Server (FTP) This posting is provided "AS IS" with no warranties, and confers no rights. [quoted text, click to view] "Arjan Gijsberts" <arjang@ch.tudelft.nl> wrote in message news:%23tGtQIoPFHA.1476@TK2MSFTNGP09.phx.gbl... >I just solved the IP address issue by changing the local IP (10.2.2.101) to >127.0.0.1 in the RRAS NAT/Firewall config. This setting seems to send the >actual IP address the connection was initiated to in the 227 command. In >other words, passive works from the internet connecting to the PPPoE >address as well as locally, connecting to one of the local IP addresses. > > However, at this moment the RRAS firewall prevents me from connecting from > internet. Disabling the firewall solves all problems, but one can imagine > that I would like to enable it. If I remember well, RRAS should open the > port chosen by IIS for passive FTP. Does someone have more information how > this exactly works? As a (temporary?) workaround, I can specify the port > range for passive FTP and open that range in the RRAS firewall. > > "Bernard" <qbernard@hotmail.com.discuss> wrote in message > news:%23Hq%23r2lPFHA.1528@TK2MSFTNGP09.phx.gbl... >> Seeing internal ip address is correct..... I'm curious on how sometime >> you get private but other times you got the public IP address from RRAS. >> >> Let me summon someone for you : Alun, Alun, Alun !!! >> >> -- >> Regards, >> Bernard Cheah >> http://www.tryiis.com/ >> http://support.microsoft.com/ >> http://www.msmvps.com/bernard/ >> >> >> "Arjan Gijsberts" <arjang@ch.tudelft.nl> wrote in message >> news:%23aiSH0rOFHA.3668@TK2MSFTNGP14.phx.gbl... >>> Since a couple of months I've been using IIS 6 as my FTP server on a >>> PPPoE connection. This setup however has given me headaches for a while >>> now, so I hope someone here can help me out of these problems. >>> >>> The problem is that I can't seem to connect from the internet using >>> passive FTP. I've traced the problem to the 227 command, which returns >>> my local IP address (in the NAT setup). E.g.: '227 Entering Passive Mode >>> (10,2,2,101,6,215).', whereas 10.2.2.101 is my private IP address. >>> Sometimes a reboot could fix the problem, so that the 227 command would >>> return my public IP address. RRAS would then automatically arrange NAT >>> and firewall settings, so in those cases it worked like it should. >>> However, a reboot is far from problem solving and rebooting takes quite >>> a while on the machine. >>> >>> My current setup is like this: The server obtains a public IP using >>> PPPoE (using a raspppoe created connection, this works fine however). I >>> use RRAS for the basic firewall and for NAT. The problem occurs with and >>> without the firewall, so I am sure that the firewall can't cause any >>> problems. I've enabled the FTP service in RRAS, which should take care >>> of everything like forwarding port 20, forwarding the passive port and >>> taking care of the firewall for these ports. >>> >>> Hopefully someone here knows how to deal with IIS 6 Passive FTP in a NAT >>> situation. Perhaps someone could give some more information about the >>> FTP part of the NAT 'engine', since I find there is very few information >>> on that topic. >>> >>> TIA >>> >>> A. Gijsberts >>> >>> >>> >> >> > >
Don't see what you're looking for? Try a search.
|
June 2004
July 2004
August 2004
September 2004
October 2004
November 2004
December 2004
January 2005
February 2005
March 2005
April 2005
May 2005
June 2005
July 2005
August 2005
September 2005
October 2005
November 2005
December 2005
January 2006
February 2006
March 2006
April 2006
May 2006
June 2006
July 2006
August 2006
September 2006
October 2006
November 2006
December 2006
January 2007
February 2007
March 2007
April 2007
May 2007
June 2007
July 2007
August 2007
September 2007
October 2007
November 2007
December 2007
January 2008
February 2008
March 2008
April 2008
May 2008
June 2008
| home · blog · groups | Questions? Comments? Contact the dn |