deltreesolutions
asked on
Active FTP behind router on a Cable Modem Connection
I have a custom Visual Basic app that runs some automated procedures over FTP. I have recently moved office locations and now the application no longer works.
CuteFTP works in Passive mode. But IE and the command prompt both do not work in active mode. I understand how the modes work and I know that Active mode requires the server to open connections to the client and that a client firewall could interfere with this.
I suspect that because active FTP is not working, the custom app runs over active FTP. Can anyone tell me how I can get around this? Would an FTP proxy work? How do I set this up? Or would it be possible to configure my router to accept these connections? Recoding the app is the last thing that I want to do, so please assume that it has to run active FTP. Im just looking for a way to make this work.
Thanks,
Joe
CuteFTP works in Passive mode. But IE and the command prompt both do not work in active mode. I understand how the modes work and I know that Active mode requires the server to open connections to the client and that a client firewall could interfere with this.
I suspect that because active FTP is not working, the custom app runs over active FTP. Can anyone tell me how I can get around this? Would an FTP proxy work? How do I set this up? Or would it be possible to configure my router to accept these connections? Recoding the app is the last thing that I want to do, so please assume that it has to run active FTP. Im just looking for a way to make this work.
Thanks,
Joe
ASKER
Thanks savone. I have already seen it. It explains that in active mode the server needs to connect to ports on the client directly. Is there a port range that I can have forwarded to an internal IP? I need to know how to configure this or bypass it altogether.
TO bypass the firewall put the server in the default server IP, or DMZ as Linksys calls it.
You completely expose the server to attacks.
Otherwise read the firewall manual and forward a range of high ports to the sevrer.
You completely expose the server to attacks.
Otherwise read the firewall manual and forward a range of high ports to the sevrer.
Agreed public... the doc I posted will show you what ports to forward.
ASKER
I should have been more clear. The client and client app is behind the router, so my personal computer sits behind this router. The app needs to connect to a typical ftp server that I have no control over.
According to that article, Active FTP requires that the server be able to open client ports, which client routers will often block. I assume that this is the problem I am having. Public's advice may work though if I open up a DMZ to the internal client machine.
According to that article, Active FTP requires that the server be able to open client ports, which client routers will often block. I assume that this is the problem I am having. Public's advice may work though if I open up a DMZ to the internal client machine.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I essentially found this answer on my own. Googling this search term: active connection NAT router ftp
My client fixed the problem by port forwarding port 21 to his PC behind the NAT router. This doesn't make any sense to me and I suspect that the router was already capable of supporting Active FTP connections. I did notice in new Netgear routers that they have a section called port triggering, which will open up external ports only when a certain internal port has been triggered. This is perfect.
I am giving the points to public b/c that answer is true and will have the same effect as the port triggering.
My client fixed the problem by port forwarding port 21 to his PC behind the NAT router. This doesn't make any sense to me and I suspect that the router was already capable of supporting Active FTP connections. I did notice in new Netgear routers that they have a section called port triggering, which will open up external ports only when a certain internal port has been triggered. This is perfect.
I am giving the points to public b/c that answer is true and will have the same effect as the port triggering.
http://slacksite.com/other/ftp.html