I'm still having problems with vsftpd and FC2. The machine running vsftpd has 2 NIC's: etho 192.168.0.55 netmask 255.255.255.0 eth1 xxx.xxx.xxx.253 netmask 255.255.255.248 Where the 192 address is on my internal network and the xxx address is an external IP. The routing table is: Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface xxx.xxx.xxx.248 0.0.0.0 255.255.255.248 U 0 0 0 eth1 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1 0.0.0.0 xxx.xxx.xxx.250 0.0.0.0 UG 0 0 0 eth1 The xxx.xxx.xxx.248 address is my ISPs gateway and xxx.xxx.xxx.250 is my router/gateway. The NAT and Firewall are both off on the router/gateway. The routing table is identical to that of my mail server which works. The problem is that when I connect to the ftp server via the 192 address from another machine on the internal network, both passive and active modes work and I can upload and download files. Connecting to the external IP address of ftp server from a machine on the internal network, passive mode works, but active mode hangs: 230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp> ls 227 Entering Passive Mode (xxx,xxx,xxx,253,58,83) 150 Here comes the directory listing. drwx------ 3 500 500 4096 Oct 31 17:23 Desktop drwxr-xr-x 2 500 500 4096 Nov 05 18:29 test 226 Directory send OK. ftp> passive Passive mode off. ftp> ls 200 PORT command successful. Consider using PASV. 150 Here comes the directory listing. receive aborted waiting for remote to finish abort 426 Failure writing network stream. 225 No transfer to ABOR. I get similar results when connecting from an external machine, in this case it is a Windows XP machine, using FTP then ls at a command window gives 200 PORT command successful. Consider using PASV. 150 Here comes the directory listing. and then it hangs which implies that neither passive or active mode works. I have eliminated the firwall on the FTP server as the problem by turning off iptables. As an aside, my local network is behind a firewall (smoothwall) which is using the external address of xxx.xxx.xxx.251. I need to be able to use active mode as some of the users can only use this method. Sorry about the length of this post, but I am totally stuck. Rob
