Solved

Run an FTP server behind a Netgear RT314

Posted on 2002-03-14
12
426 Views
Last Modified: 2013-12-14
I tried using the Netgear redirect to route port 2121 to 192.168.0.2, the IP assigned by it to one of my PCs, to use that as
the port for ftp. I configured  several different ftp servers accordingly, but when I try to log on, using my static DSL IP and port 2121, with an ftp client on another PC I consistently get connection refused.  The last server I tried was GuildFTPd and its log shows 2121 active & listening. Any tips on what I need to do would be greatly appreciated. I've tried toggling between Active & Passive and that doesn't seem to make a difference. Thanks much...Dave
0
Comment
Question by:davedo
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 6
12 Comments
 

Expert Comment

by:dsplice
ID: 6869160
Davedo,

When using the RT314, you have to enable port fowarding on the router.  You can do this by either telneting to the interface, or using the web interface.  Its menu 15 in the commandline interface or you can browse to it in the web interface.  Once there, what you do is specify the ports that you want fowarded to you, the common ones are 80, 21, 23, Web, FTP and telnet, respectively.  Here you also have to specify which local server you want to point to, in your case, you would want to use port 2121 for the port and ip 192.168.0.2.  Now ftp requests made to the public of your DSL router should be routed to 192.168.0.2.  The other thing that you might want to do on your router is turn off telnet, ftp and web server to the wan, that will disallow anyone to access your router remotely, which is always a smart thing to do.

Dsplice
0
 

Author Comment

by:davedo
ID: 6869881
Hi dsplice, Thanks for the ideas, but as I tried to state in my original question, I already used the web interface to Netgear to set port forwarding. I verified via telnet that it was indeed set to pass port 2121 packets to IP 192.168.0.2, the Netgear assigned IP of the PC running the Guild server. Also, there are no filters in place, other than the Netgear defaults, so that shouldn't be the problem. I apologize if I didn't make myself understood...Dave
0
 

Expert Comment

by:dsplice
ID: 6870082
Dave,

In your TCP/IP filter rule for FTP, do you have specified : Action Matched = Foward

Dsplice
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Expert Comment

by:dsplice
ID: 6870378
Dave,

In your TCP/IP filter rule for FTP, do you have specified : Action Matched = Foward

Dsplice
0
 

Author Comment

by:davedo
ID: 6871915
Dsplice, as I mentioned, the only filters installed are the Netgear defaults, which are for HTTP, Telnet and FTP (port 21). Since I have elected to use port 2121 for FTP it wouldn't seem to make any sense/difference to modify the filter in place for port 21, but I'll go ahead and try it. My understanding was that by setting the port forwarding option on Menu 15 (the telnet interface to maintenance) to direct port 2121 to IP 192.168.0.2 (the Netgear assigned IP of the PC running the server) that in itself enables and defines the forward option.
What am I missing here?...Dave
0
 

Expert Comment

by:dsplice
ID: 6871977
Davedo,

If you want to use port 21, you will have to define a filterin rule.  The router will not automatically know that the traffic going to 192.168.0.2.  When you select a port to foward to, it does not dynamiclly create a filter rule.  YOu have to set the paramaters to foward the packets to the destination address.  Onmy RT314, I foward my ftp trafffic to a ip on my lan on port 8080, and I HAD to create the rule for it to work.  Create teh rule, or use the default rule. Netgear's website actually has a tutorial on how to run servers behind the firewall, and I think it might be in the manual.

Dsplice

0
 

Author Comment

by:davedo
ID: 6874393
Hi Dsplice,
No, I didn't want to use port 21, I had used menu 15 to port forward port 2121 to 192.168.0.2, so perhaps that choice of port numbers confused the issue. Let's assume for talking purposes that I used your port assignment of 8080 for ftp and configured both my ftp server on the 192.168.0.2 PC and an ftp client on another PC accordingly. I also did a Netgear menu 15 port forward of 8080 to 192.168.0.2. Oh, and I'm running at Netgear release 3.25, the latest for the RT314.

OK, since I'm not able to connect, and you are, I assume you're correct, so I also established a filter rule for port 8080, but
I would appreciate a critique of it as I'm not at all clear on some of the fields. First, I added it to the existing Filter Set #3, Tel_FTP_WEB_WAN, so it became Filter # 3,4. Here is what I entered:

Filter # 3,4
Filter Type TCP/IP Filter Rule
Active = Yes
IP Protocol = 6
IP Source Route = No
Destination:
IP Address = 192.168.0.2
IP Mask = 255.255.255.255
Port # = 8080
Port # Comp = Equal
Source:
IP Address = 0.0.0.0
IP Mask = 0.0.0.0
Port # = 8080
Port # Comp = Equal
TCP Estab. = N/A
More = No
Log = None
Action Matched = Forward
Action Not Matched = Check Next Rule

OK, having done all that, I still can't get anything but connection refused - I'm stumped...Dave
0
 

Expert Comment

by:dsplice
ID: 6874603
Davdo,

You have the source and destination adress set to the same port...your destination address should be set to the port you are forwarding to and you do not need to specify the ip addr or the mask, all you need to do is specify the port number you want as your destination port....here is my configuration for my webserver:


 Filter #: 3,3
 Filter Type= TCP/IP Filter Rule
 Active= Yes
 IP Protocol= 6     IP Source Route= No
 Destination: IP Addr= 0.0.0.0
              IP Mask= 0.0.0.0
              Port #= 80
              Port # Comp= Equal
      Source: IP Addr= 0.0.0.0
              IP Mask= 0.0.0.0
              Port #=
              Port # Comp= None
 TCP Estab= No
 More= No           Log= None
 Action Matched= Forward
 Action Not Matched= Forward

If you follow this as a guide, it should work, unless there are other factors that I am aware of?  What isyour ISP and are they blocking the ports your trying to use?  Let me know if this works.

Doug

0
 

Author Comment

by:davedo
ID: 6874836
Hi Doug,

Well, I adjusted the filter as per your example (using 8080 as the port rather than the 80 shown above), but still no go.
I guess I'm giving it up as a lost cause - I appreciate all of your suggestions, but I'm sorry for burning up so much of your time.

I have DSL service from PacBell. Possibly things are getting stopped at their end, but I haven't heard anyone else mention that as a concern if high order ports are assigned for services such as ftp...Dave
0
 

Accepted Solution

by:
dsplice earned 50 total points
ID: 6874848
Davedo,

The only other thing I can offer is where are you trying to access the FTP site from, meaning which side of the firewall are you trying to get to it from?  If you are trying to access it from inside your firewall with the ext. ip, then it will never connect. Try using a network connection outside your fire wall in order to test it.
DOug
0
 

Author Comment

by:davedo
ID: 6875094
Hi Doug,

Mea Culpa - that was *exactly* the problem. I had been trying to connect via another PC attached to the same router, not knowing that this wouldn't work. I disconnected the line from the router and started a dial-up PPP connection and voila, I was able to connect to my ftp server. Sorry for all the confusion and thank you for your patience!...Dave
0
 

Author Comment

by:davedo
ID: 6875101
Dsplice went the distance on this one, which was complicated by my lack of understanding of my own firewall's role.
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

    Over the past few years, small business and home owners have become so dependent on internet that a need for redundancy has arisen.    What happens when your small business or home / home office loses its internet connection?  The results c…
This solves the problem of diagnosing why an internet connection is no longer working. It also helps identify the likely cause of the lost connection if the procedure fails to re-establish your internet connection. It helps to pinpoint the likely co…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…

690 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question