Re: Public IP's with 1:1 mapping does not map all ports or passive ftp does not work [long]

To: Wojciech Ziniewicz <wojciech.ziniewicz@gmail.com>, debian-firewall@lists.debian.org
Subject: Re: Public IP's with 1:1 mapping does not map all ports or passive ftp does not work [long]
From: Hans van Kranenburg <od251@xs4all.nl>
Date: Wed, 20 Sep 2006 17:11:14 +0200
Message-id: <[🔎] 45115A12.6010605@xs4all.nl>
In-reply-to: <[🔎] d1473ad90609200802w390346acq2d3fcf9653c02608@mail.gmail.com>
References: <[🔎] d1473ad90609200802w390346acq2d3fcf9653c02608@mail.gmail.com>

Wojciech Ziniewicz wrote:
> 
> I give my customers public ips with SNAT/DNAT (we call it 1:1) ip
> mapping. When A client with lan ip 10.100.1.123 has public ip
> 217.17.x.123 he can use all the apps he want (apps that demand public
> ip or forwardded port) so everything seems to be okay...
> 
> but ...
> 
> a) active ftp does not work

Did you load the ip_conntrack_ftp and ip_nat_ftp iptables helper module?

Hans

Reply to:

References:
- Public IP's with 1:1 mapping does not map all ports or passive ftp does not work [long]
  - From: "Wojciech Ziniewicz" <wojciech.ziniewicz@gmail.com>

Prev by Date: Public IP's with 1:1 mapping does not map all ports or passive ftp does not work [long]
Next by Date: Re: Public IP's with 1:1 mapping does not map all ports or passive ftp does not work [long]
Previous by thread: Public IP's with 1:1 mapping does not map all ports or passive ftp does not work [long]
Next by thread: Re: Public IP's with 1:1 mapping does not map all ports or passive ftp does not work [long]
Index(es):
- Date
- Thread