DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
2820n - secure FTP setup
- dxsl
- Topic Author
- Offline
- New Member
-
23 Aug 2009 20:53 #1
by dxsl
2820n - secure FTP setup was created by dxsl
I've successfully ran secure FTP using a Gene6 FTP server and my old Draytek 2600, but I simply cannot get it to run with my new 2820n 
router setup:
port redirection tcp/udp 2000-2001
port redirection tcp/udp 50000-50100
ftp server setup:
listening to port 2001, PASV IP points to my external IP, PASV port range 50000-50100
router does NOT allow anything going through to the ftp server
When connecting to my external IP from within my LAN, Draytek syslog only shows the connection from the FTP client to the router.
I even tried using default ports 20-21(data) for the server instead, same result. I've searched Google,Tech-Net and this forum... I'm missing something obvious, but what...
any help would be greatly appreciated!
tnx Michael
router setup:
port redirection tcp/udp 2000-2001
port redirection tcp/udp 50000-50100
ftp server setup:
listening to port 2001, PASV IP points to my external IP, PASV port range 50000-50100
router does NOT allow anything going through to the ftp server
When connecting to my external IP from within my LAN, Draytek syslog only shows the connection from the FTP client to the router.
I even tried using default ports 20-21(data) for the server instead, same result. I've searched Google,Tech-Net and this forum... I'm missing something obvious, but what...
any help would be greatly appreciated!
tnx Michael
Please Log in or Create an account to join the conversation.
- galaxy60
- Offline
- Junior Member
-
- dxsl
- Topic Author
- Offline
- New Member
-
25 Aug 2009 20:29 #3
by dxsl
Replied by dxsl on topic 2820n - secure FTP setup
tnx for your post, but I'm pretty sure I already have done that:
in NAT/Open ports I configured the open ports as described above.
Furthermore, in System Maintenance/Management/Management access control is disabled.
I'm sure I'm missing something very, very obvious. but what?
PS: I also tested with different FTP Server software ("Serv-U 8.0" aka "N00b FTP Server"
in NAT/Open ports I configured the open ports as described above.
Furthermore, in System Maintenance/Management/Management access control is disabled.
I'm sure I'm missing something very, very obvious. but what?
PS: I also tested with different FTP Server software ("Serv-U 8.0" aka "N00b FTP Server"
Please Log in or Create an account to join the conversation.
- galaxy60
- Offline
- Junior Member
-
- dxsl
- Topic Author
- Offline
- New Member
-
26 Aug 2009 20:09 #5
by dxsl
Replied by dxsl on topic 2820n - secure FTP setup
yes sry... I forgot to mention that, local connection no problem at all. SSL or no SSL. Implicit or explicit, all works fine.
the FTP server is running on a Windows Server 2008R2 machine, so I'm a little reluctant to put it in my DMZ at this time... Even the "fancy" 2008R2 logging does not show anything I can use.
Also I changed the connection and data port to 9021 and 9020 respectively, just to be sure I'm not messing with any default Draytek settings. I'm getting superstitious at this point;)
but still no luck.... I'm mostly looking for a way to monitor what the 2820n does. Syslog simply doesn't reveal enough (it only shows the connection from a LAN FTP client to the external IP, and then syslog is suspecially quiet
Would a packet sniffer do the job?? Anything else I can try? (besides DMZ, which I prefer to use as a very, very last resort, since the machine also will serve as a DC soon)
TI
the FTP server is running on a Windows Server 2008R2 machine, so I'm a little reluctant to put it in my DMZ at this time... Even the "fancy" 2008R2 logging does not show anything I can use.
Also I changed the connection and data port to 9021 and 9020 respectively, just to be sure I'm not messing with any default Draytek settings. I'm getting superstitious at this point
but still no luck.... I'm mostly looking for a way to monitor what the 2820n does. Syslog simply doesn't reveal enough (it only shows the connection from a LAN FTP client to the external IP, and then syslog is suspecially quiet
Would a packet sniffer do the job?? Anything else I can try? (besides DMZ, which I prefer to use as a very, very last resort, since the machine also will serve as a DC soon)
TI
Please Log in or Create an account to join the conversation.
- galaxy60
- Offline
- Junior Member
-
Moderators: Sami