The UK Home Automation Archive | ||
| Archive Home | ||
| Group Home | ||
|
The UKHA-ARCHIVE IS CEASING OPERATIONS 31 DEC 2024 | ||||
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: Fw: FTP passive ports for firewalls
I have test it on my USR8000 router and it works. More, I have the internal FTP server on port 99. Just disabled all the access lists for the FTP server IP address on the router and.... works like a charm. I have opened for input just the port 99 (21 in your case). Dan ----- Original Message ----- From: Dan To: ukha_d@xxxxxxx Sent: Tuesday, January 21, 2003 7:38 PM Subject: Re: [ukha_d] Fw: FTP passive ports for firewalls I'm not sure if it will work through NAT even if you open ports 1024-5000. The connection is initiated from outside, so I don't know if the return packets from the PC will pass through the NAT, even if you open upper ports.... Why don't you want to put the FTP server in DMZ? They are more that one FTP server inside your network? Dan ----- Original Message ----- From: Stuart Whyte To: 'ukha_d@xxxxxxx' Sent: Tuesday, January 21, 2003 7:30 PM Subject: RE: [ukha_d] Fw: FTP passive ports for firewalls Gareth, Don't agree. I have both those ports open, and I get NOTHING under passive mode. (i.e. I can connect, logon, but then the connection times out) -----Original Message----- From: Gareth Cook [mailto:g@xxxxxxx] Sent: 21 January 2003 17:26 To: ukha_d@xxxxxxx Subject: Fw: [ukha_d] Fw: FTP passive ports for firewalls Not quite correct - if you enable passive mode ftp on the client (like IE or GetRight) then ports 20 and 21 are enough G. Gareth Cook Technical Consultant IBM Early Deployment Lotus Park, Staines, TW18 3AG Office: +44 (0) 1784 445 166 Mobile: +44 (0) 7980 445 166 Fax: +44 (0) 1784 499 166 Work: g@xxxxxxx Personal: g@xxxxxxx AIM Chat : TheBoyG MSN Chat : chat@xxxxxxx ----- Forwarded by Gareth Cook/UK/IBM on 21/01/2003 17:23 ----- Discussion Main Topic "Dan" <dtoma@xxxxxxx> Today 17:17 . Subject: . Re: [ukha_d] Fw: FTP passive ports for firewalls . Category: Hi Stuart, You cannot enter to an internal FTP server just opening some ports... you need something like an application gateway. You must trigger upper ports (>1024) opening for output for any input access to ports 20 and 21. If you just forward ports 20 and 21 to an internal host, then you will be able to connect to the FTP server (first step), but not to do any other operation, like listing a directory or copy a file. You can try to put the computer in DMZ.. then it will be directly exposed to the Internet. Look at the following page for more informations about accessing internal services through the firewall. http://www.homenethelp.com/web/howto/apps-behind-router.asp .. but take care.. for FTP is not enough to open one port, like on that page. Read user comments too. It is not the same for telnet..you can pass only port 23 and you're done. The same for HTTP. ..but...FTP is a little bit different. Dan ----- Original Message ----- From: Stuart Whyte To: 'ukha_d@xxxxxxx' Sent: Tuesday, January 21, 2003 6:57 PM Subject: RE: [ukha_d] Fw: FTP passive ports for firewalls Dan, Come INTO my firewall from the internet, to server inside. I have a linksys cable modem router/firewall. S. -----Original Message----- From: Dan [mailto:dtoma@xxxxxxx] Sent: 21 January 2003 16:41 To: ukha_d@xxxxxxx Subject: Re: [ukha_d] Fw: FTP passive ports for firewalls Hi Stuart, Do you want to enter through the firewall to a internal host for FTP, or to acces an outside FTP server? What kind of firewall do you have? Dan ----- Original Message ----- From: Stuart Whyte To: UKHA (E-mail) Sent: Tuesday, January 21, 2003 6:03 PM Subject: [ukha_d] Fw: FTP passive ports for firewalls Posted this to UKHA_Networking and got no joy. Anyone here not on that list know the answer? All, Does anyone know what the range of ports on my firewall I have to open to get passive FTP through?? I have opened 20 and 21, but I understand that I need to open up some high port numbers too?? Cheers Stuart ************************************************************** Franklin + Andrews is a business name of Franklin & Andrews Limited (Registered in England No 4408389), whose registered office is at St Anne House, Wellesley Road, Croydon, CR9 2UL This email message and accompanying data transmitted with it are for the sole use of the intended recipient(s) and may contain information that is confidential. If you are not the intended recipient(s), you are notified that any use, dissemination, disclosure, distribution or copying of this message or data is prohibited. If you have received this email message in error, please notify us immediately and erase all copies of this message and attachments. [Non-text portions of this message have been removed] Yahoo! Groups Sponsor ADVERTISEMENT http://www.automatedhome.co.uk Post message: ukha_d@xxxxxxx Subscribe: ukha_d-subscribe@xxxxxxx Unsubscribe: ukha_d-unsubscribe@xxxxxxx List owner: ukha_d-owner@xxxxxxx List of UKHA Groups here - http://groups.yahoo.com/group/UKHA_Grouplists/ Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service. [Non-text portions of this message have been removed] http://www.automatedhome.co.uk Post message: ukha_d@xxxxxxx Subscribe: ukha_d-subscribe@xxxxxxx Unsubscribe: ukha_d-unsubscribe@xxxxxxx List owner: ukha_d-owner@xxxxxxx List of UKHA Groups here - http://groups.yahoo.com/group/UKHA_Grouplists/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ ************************************************************** Franklin + Andrews is a business name of Franklin & Andrews Limited (Registered in England No 4408389), whose registered office is at St Anne House, Wellesley Road, Croydon, CR9 2UL This email message and accompanying data transmitted with it are for the sole use of the intended recipient(s) and may contain information that is confidential. If you are not the intended recipient(s), you are notified that any use, dissemination, disclosure, distribution or copying of this message or data is prohibited. If you have received this email message in error, please notify us immediately and erase all copies of this message and attachments. [Non-text portions of this message have been removed] Yahoo! Groups Sponsor ADVERTISEMENT http://www.automatedhome.co.uk Post message: ukha_d@xxxxxxx Subscribe: ukha_d-subscribe@xxxxxxx Unsubscribe: ukha_d-unsubscribe@xxxxxxx List owner: ukha_d-owner@xxxxxxx List of UKHA Groups here - http://groups.yahoo.com/group/UKHA_Grouplists/ Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service. [Non-text portions of this message have been removed] http://www.automatedhome.co.uk Post message: ukha_d@xxxxxxx Subscribe: ukha_d-subscribe@xxxxxxx Unsubscribe: ukha_d-unsubscribe@xxxxxxx List owner: ukha_d-owner@xxxxxxx List of UKHA Groups here - http://groups.yahoo.com/group/UKHA_Grouplists/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ [Non-text portions of this message have been removed] http://www.automatedhome.co.uk Post message: ukha_d@xxxxxxx Subscribe: ukha_d-subscribe@xxxxxxx Unsubscribe: ukha_d-unsubscribe@xxxxxxx List owner: ukha_d-owner@xxxxxxx List of UKHA Groups here - http://groups.yahoo.com/group/UKHA_Grouplists/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ ************************************************************** Franklin + Andrews is a business name of Franklin & Andrews Limited (Registered in England No 4408389), whose registered office is at St Anne House, Wellesley Road, Croydon, CR9 2UL This email message and accompanying data transmitted with it are for the sole use of the intended recipient(s) and may contain information that is confidential. If you are not the intended recipient(s), you are notified that any use, dissemination, disclosure, distribution or copying of this message or data is prohibited. If you have received this email message in error, please notify us immediately and erase all copies of this message and attachments. [Non-text portions of this message have been removed] Yahoo! Groups Sponsor ADVERTISEMENT http://www.automatedhome.co.uk Post message: ukha_d@xxxxxxx Subscribe: ukha_d-subscribe@xxxxxxx Unsubscribe: ukha_d-unsubscribe@xxxxxxx List owner: ukha_d-owner@xxxxxxx List of UKHA Groups here - http://groups.yahoo.com/group/UKHA_Grouplists/ Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service. [Non-text portions of this message have been removed] Yahoo! Groups Sponsor ADVERTISEMENT http://www.automatedhome.co.uk Post message: ukha_d@xxxxxxx Subscribe: ukha_d-subscribe@xxxxxxx Unsubscribe: ukha_d-unsubscribe@xxxxxxx List owner: ukha_d-owner@xxxxxxx List of UKHA Groups here - http://groups.yahoo.com/group/UKHA_Grouplists/ Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service. [Non-text portions of this message have been removed]
http://www.automatedhome.co.uk Post message: ukha_d@xxxxxxx Subscribe: ukha_d-subscribe@xxxxxxx Unsubscribe: ukha_d-unsubscribe@xxxxxxx List owner: ukha_d-owner@xxxxxxx List of UKHA Groups here - http://groups.yahoo.com/group/UKHA_Grouplists/ Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
|