NAT + FTP = troubles?

  • Thread starter Thread starter Massimo
  • Start date Start date
M

Massimo

I have two Windows Server 2003 web and FTP servers (IIS 6.0) behind a
Windows Server 2003 router, using RRAS with NAT. The private LAN is a the
class C 192.168.43.0/24, the addresses of the two servers are 192.168.43.11
and 192.168.43.20, the address of the RRAS server is 192.168.43.1; each of
the servers uses the RRAS server as the default gateway.
The RRAS server itself has two public IPs, X.Y.Z.137 and X.Y.Z.185; I want
to forward the HTTP and FTP services from the .137 IP to the first server,
and from the .185 IP to the second server.
I assigned .137 as the main address of the public interface of the server,
and then in the RRAS console specified .137 and .185 in the address pool; I
also created a reservation for .185 to the second server, without allowing
incoming connections. I also opened the right ports (80 and 21) for both
public IPs to the servers, so the mappings are as follows:

X.Y.Z.137:21 -> 192.168.43.11:21
X.Y.Z.137:80 -> 192.168.43.11:80
X.Y.Z.185:21 -> 192.168.43.20:21
X.Y.Z.185:80 -> 192.168.43.20:80

Everything works fine, except FTP to the second server. When I try
connecting from the outside, the connection is established and then sits
there for a while; before getting to the authentication phase, it dies. This
happens from the command-line FTP utility... when using IE, it reports that
the FTP session has been terminated.
HTTP for both servers and FTP for the first one work perfectly.

I really don't know what's going wrong, everything seems to be fine but it
dowsn't work... and I need these two servers up and running for tomorrow.
Can someone please help?

Massimo
 
from the outside, can you telnet to port 21? This will tell us if we can get
to the box OK. Let's see if we can get a connection first and then we'll see
if it's an FTP problem or not.
 
from the outside, can you telnet to port 21? This will tell us if we can
get to the box OK. Let's see if we can get a connection first and then
we'll see if it's an FTP problem or not.
Click to expand...

Yes, the connection gets established correctly (as it is using the
command-line FTP client).

Massimo
 
I have two Windows Server 2003 web and FTP servers (IIS 6.0) behind a
Windows Server 2003 router, using RRAS with NAT. The private LAN is a the
class C 192.168.43.0/24, the addresses of the two servers are
192.168.43.11 and 192.168.43.20, the address of the RRAS server is
192.168.43.1; each of the servers uses the RRAS server as the default
gateway.
The RRAS server itself has two public IPs, X.Y.Z.137 and X.Y.Z.185; I want
to forward the HTTP and FTP services from the .137 IP to the first server,
and from the .185 IP to the second server.
I assigned .137 as the main address of the public interface of the server,
and then in the RRAS console specified .137 and .185 in the address pool;
I also created a reservation for .185 to the second server, without
allowing incoming connections. I also opened the right ports (80 and 21)
for both public IPs to the servers, so the mappings are as follows:

X.Y.Z.137:21 -> 192.168.43.11:21
X.Y.Z.137:80 -> 192.168.43.11:80
X.Y.Z.185:21 -> 192.168.43.20:21
X.Y.Z.185:80 -> 192.168.43.20:80

Everything works fine, except FTP to the second server. When I try
connecting from the outside, the connection is established and then sits
there for a while; before getting to the authentication phase, it dies.
This happens from the command-line FTP utility... when using IE, it
reports that the FTP session has been terminated.
HTTP for both servers and FTP for the first one work perfectly.
Click to expand...

Any tought about this?
FTP also work perfectly on the second IP, if I configure only that mapping;
the RRAS just seems not to be able to handle two port 21 mappings at once.

Massimo
 
Back
Top