redhat 5 ftp forwarding

Hi Experts,

I have a RHEL 5.4 box with 2 NICs, one connected to a network that has a FTP server while the other NIC connected to a internal network. I would like to setup this box such that other boxes in the internal network can access the FTP server. Is there something like FTP forwarding that i can setup on this server?

Thanks.
nokypleaseAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
nokypleaseConnect With a Mentor Author Commented:
Hi ,

I managed to setup the forwarding with iptables and nat rules on the RHEL5 box

iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -t nat -P PREROUTING ACCEPT
iptables -t nat -P POSTROUTING ACCEPT
iptables -t nat -P OUTPUT ACCEPT

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 20 -j DNAT --to-destination FTP-Server:20
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 21 -j DNAT --to-destination FTP-Server:21

iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to RHEL5-NIC2


However, when i issue ftp commands like ls, i got "421 service not available, remote server has closed connection."

please help.
0
 
Vijay Pratap SinghCommented:
Internal boxes can also access the same FTP just need to be in same network whats the issue you facing in this?
0
 
nokypleaseAuthor Commented:
internal boxes cannot access to the subnet that the FTP server locate, other boxes in the internal network can reach the redhat server nic2.

FTP subnet (nic1) ---- RHEL5 ----- internal network (nic2)

the RHEL5 can access to the FTP without problem as it's nic1 is on the FTP subnet. I want to make other servers in the internal network able to access the FTP via RHEL5:-

FTP subnet <---- RHEL5 <----- internal network ----- server A

is there something that i can setup such that serverA can issue a command like "ftp RHEL5" and then it will actually go to the real FTP on the FTP subnet?

Thanks.
0
A proven path to a career in data science

At Springboard, we know how to get you a job in data science. With Springboard’s Data Science Career Track, you’ll master data science  with a curriculum built by industry experts. You’ll work on real projects, and get 1-on-1 mentorship from a data scientist.

 
nokypleaseAuthor Commented:
Anyone ? I am thinking if iptables may work?
0
 
serialbandCommented:
How about running a 2nd FTP server and having it listen on the other IP address?

I'm not on redhat and I don't know which ftp server you're running, but here's what I've done before.  (examples from memory)

cp  -pr /etc/vsftp /etc/vsftp2
sed -i -e 's/IP_1/IP_2/' /etc/vsftp2/vsftpd.conf

cp /etc/init.d/ftp /etc/init.d/ftp2
sed -i -e 's:/etc/vsftp:/etc/vsftp2:g' /etc/init.d/ftp2

/etc/init.d/ftp2 start

I actually had to do this for IPv6.
0
 
nokypleaseAuthor Commented:
Not sure how a 2nd ftp server can achieve my goal?

To simplify a bit, what I want to setup is to forward any incoming ftp request (port 20 and 21 as the target ftp is active) to the rhel5 to the target ftp server running outside of the internal network.

I think I will need to enable ip forwarding, setup some nat rules and may also need to enable ip masquerade on the interface connecting to the ftp?
0
 
serialbandCommented:
The 2nd server would answer on the internal network ip address, allowing your internal users to access the FTP server.  You can have different rules and setups for the two separate servers.
0
 
nokypleaseAuthor Commented:
To resolve the issue after nat, we can ensure the ip-nat kernel modules are loaded
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.