[plucnik]

I've set up an FTP server on a computer that has a static IP. We have a hardware firewall that uses a script to allow access through it. I'm kind of stumped on this one though. I cannot seem to access the FTP server from the WAN side EXCEPT when I drop the firewall. Access from the LAN side isn't a problem. These are the FTP scripts that I have tried. I'm a little fuzzy on the "active" and "passive" FTP concept and that's probably my problem. Can anyone show me the error of my ways?
Thanks!
Peter


#ftp from LAN to WAN will be accepted
remote ipfilter insert input accept -p tcp -sp 21 -dp 1024:65535 internet
remote ipfilter insert output accept -p tcp -dp 21 -sp 1024:65535 internet
remote ipfilter insert input accept -p tcp -sp 20 -dp 1024:65535 internet
remote ipfilter insert output accept -p tcp -dp 20 -sp 1024:65535 internet
# FTP
remote ipfilter append input accept -p tcp -sp 20:21 internet
remote ipfilter append output accept -p tcp -dp 20:21 internet

 

[Monstrous Mi]

What is your hardware firewall?

Does it know what "internet" is?

 

[plucnik]

It's actually built into the the "Efficient Networks" DSL business router (along with DHCP, VPN and a bunch of other features. I've added lines to the firewall script to allow other things like VNC, time service, SSL etc and all work fine. I just think that I have a syntax problem with the FTP and port 20 and 21 script lines.
Thanks Pete