> I'm still having problems with vsftpd and FC2. The machine running > vsftpd has 2 NIC's: > etho 192.168.0.55 netmask 255.255.255.0 > eth1 xxx.xxx.xxx.253 netmask 255.255.255.248 > Where the 192 address is on my internal network and the xxx address is > an external IP. > The routing table is: > Kernel IP routing table > Destination Gateway Genmask Flags Metric Ref Use Iface > xxx.xxx.xxx.248 0.0.0.0 255.255.255.248 U 0 0 0 eth1 > 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 > 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1 > 0.0.0.0 xxx.xxx.xxx.250 0.0.0.0 UG 0 0 0 eth1 > The xxx.xxx.xxx.248 address is my ISPs gateway and xxx.xxx.xxx.250 is my > router/gateway. The NAT and Firewall are both off on the router/gateway. > The routing table is identical to that of my mail server which works. > The problem is that when I connect to the ftp server via the 192 address > from another machine on the internal network, both passive and active > modes work and I can upload and download files. > Connecting to the external IP address of ftp server from a machine on > the internal network, passive mode works, but active mode hangs: Perhaps your smoothwall is not set up to proxy active mode FTP. Try connecting to e.g. ftp.lantronix.com and logging in as "anonymous" with your email address as password. You should be able to do a directory listing. If this works in passive but not in active, I'd first suspect the smoothwall, then the D-Link configuration. > I get similar results when connecting from an external machine, in this > case it is a Windows XP machine, using FTP then ls at a command window > gives > 200 PORT command successful. Consider using PASV. > 150 Here comes the directory listing. > and then it hangs which implies that neither passive or active mode > works. May not be true. Standard command line FTP in Win XP cannot do passive mode at all. You can try passive mode from Internet Explorer. Is that machine directly on a public IP with no firewall or NAT? > I have eliminated the firewall on the FTP server as the problem by > turning off iptables. > As an aside, my local network is behind a firewall (smoothwall) which is > using the external address of xxx.xxx.xxx.251. If the problems are not on the client side: Traceroute to your FTP gives a response from D-Link with address xxx.xxx.24.249 . Is that its WAN address? If so, what is its default gateway? Is the ADSL modem built into the D-Link? If not, perhaps you can test with the gateway bypassed. --Stewart
