OPNsense Forum

Archive => 19.1 Legacy Series => Topic started by: jmp20 on May 02, 2019, 09:55:23 pm

Title: FTP-Proxy Setup - 19.1.4
Post by: jmp20 on May 02, 2019, 09:55:23 pm: Hello,
My setup:

Opnsense Int IP: 10.10.10.11
Opnsense Ext IP: 45.56.67.78
Internal client: 192.168.20.20

I have problems connecting to FTP sites via the FTP-Proxy. I followed this mini-howto:
https://forum.opnsense.org/index.php?topic=3868.0 (https://forum.opnsense.org/index.php?topic=3868.0)

I have NAT on LAN port forward from 21 to 8021 and External Outbound NAT on WAN IP. But, when I try to connect to any FTP site on the internet it times out thus connection to any internet FTP sites fail. I noticed that When i do a TCP dump i see the packets go from

client: 192.168.20.20:23456 --> firewall: 127.0.0.1:8021
then from
firewall: 10.10.10.11:45678 --> firewall: 10.10.10.11:21

the first packet is visible on the LAN interface and the second packet is shown afterwards on the lo0 interface.

Is there a configuration item/option i should be looking into to correct this problem?

Thakn you!!
Title: Re: FTP-Proxy Setup - 19.1.4
Post by: faunsen on May 08, 2019, 05:47:34 pm: Quote from: jmp20 on May 02, 2019, 09:55:23 pm

client: 192.168.20.20:23456 --> firewall: 127.0.0.1:8021
then from
firewall: 10.10.10.11:45678 --> firewall: 10.10.10.11:21

This looks strange. This should go to the public FTP server via WAN.

The question is why does the firewall redirect FTP to itself?
Routing? Redirects? Reverse address?

SMF 2.0.19 | SMF © 2021, Simple Machines
Privacy Policy