Hi! I can´t connect to my ftp service on my ispconfig 3 v. 3.0.3.3 server from the WAN connection. example primary gateway address: 10.10.10.1 (linux firewall with WAN IP 77.77.77.77) example secondary gateway address: 10.10.10.2 (another linux firewall with WAN IP 88.88.88.88) Logged on to ispconfig3 server with SSH, I can connect to localhost using FTP. From my local LAN it works too. The ispconfig server only have the primary gateway address (of cource), but I do have 2 firewalls/2 gateways on my local network, because my primary firewall does not support ftp on a multi-wan setup. So my thoughts about this is, that I whant to connect to FTP using my seconday gateway/firewall. When I connect to 88.88.88.88 using FTP, I can´t connect to my ispconfig server. But when I look in the log file "cat /var/log/syslog | grep pure-ftpd", I can see .. Code: Jul 12 15:00:02 web pure-ftpd: ([email protected]) [INFO] New connection from 127.0.0.1 Jul 12 15:00:02 web pure-ftpd: ([email protected]) [INFO] Logout. ... for eatch connection im trying to make from the outside world. If I look at the firewall log in my secondary firewall, I can see the traffic is passed through. (I have tryed with another FTP server on a windows machine, and the firewall rule works just fine, so the error must bee in the pure-ftpd configuration) But when Im logged in to my primary firewall I can see that pure-ftpd have responed on a ftp package. So my conclusion is, pure-ftp sends data respones back to the primary gateway instead of the client ip-address that is connected. netstat -tap shows: Code: .... tcp 0 0 *:ftp *:* LISTEN 30616/pure-ftpd (SE tcp 0 0 domain.com:49281 domain.com:mysql TIME_WAIT - tcp 0 0 domain.com:49280 domain.com:mysql TIME_WAIT - tcp 0 300 domain.com:ssh 10.10.10.103:60212 ESTABLISHED 30217/0 tcp6 0 0 [::]:ssh [::]:* LISTEN 1346/sshd tcp6 0 0 [::]:https [::]:* LISTEN 849/apache2 tcp6 0 0 [::]:http-alt [::]:* LISTEN 849/apache2 tcp6 0 0 [::]:www [::]:* LISTEN 849/apache2 tcp6 0 0 [::]:tproxy [::]:* LISTEN 849/apache2 tcp6 0 0 [::]:ftp [::]:* LISTEN 30616/pure-ftpd (SE .... iptables -L shows: Code: .... PAROLE tcp -- anywhere anywhere tcp dpt:ftp-data PAROLE tcp -- anywhere anywhere tcp dpt:ftp .... Does anyone have any idea of what I can do to make pure-ftpd respond on the ip it recives data from? Best regards Wolfiedk
Not sure, but maybe the -P option is what you need: http://download.pureftpd.org/pub/pure-ftpd/doc/README This is just a coincidence - in fact that's ISPConfig's Monitor module which tries to connect to PureFTPd to find out if it's still running.
