FTPS not working. Server IP is private. FW doing NAT

Post by smunzani » Fri Oct 28, 2011 8:22 pm


My connectivity is as shown below.
Internet ----- FW------ Wing-FTP.

Since Wing FTP is using a private IP, I am doing the NAT on the firewall. HTTPS and SFTP both work with NAT, but FTPS doesn't seem to work. During the session establishment, it tries to send its real IP, which is not routable over the Internet. How can I get around this issue? Below is a session log from a FileZilla client. The output is scrubbed.

Status: Resolving address of sftp.xxxx.com
Status: Connecting to x.x.x.x:990...
Status: Connection established, initializing TLS...
Status: Verifying certificate...
Status: TLS/SSL connection established, waiting for welcome message...
Response: 220 Welcome to Wing FTP
Command: USER xxxxx
Response: 331 Password required for xxxxx
Command: PASS ********
Response: 230 User xxxxx logged in.
Command: SYST
Response: 215 UNIX Type: L8
Command: FEAT
Response: 211-Extension supported
Response: PBSZ
Response: PROT
Response: MDTM
Response: MDTM YYYYMMDDHHMMSS;filename
Response: SIZE
Response: MLSD
Response: CLNT
Response: UTF8
Response: AUTH SSL
Response: AUTH TLS
Response: OPTS
Response: STAT
Response: EPRT
Response: HELP
Response: XCRC "filename" SP EP
Response: SITE MSG messagetext
Response: SITE PSWD oldpass newpass
Response: SITE UZIP filename.zip
Response: SITE ZIP filename.zip sourcefile1||sourcefile2||sourcefile3||...
Response: 211 End
Command: CLNT FileZilla
Response: 200 Noted.
Command: OPTS UTF8 ON
Response: 200 UTF8 OPTS ON
Command: PBSZ 0
Response: 200 Command okay. PBSZ=0.
Command: PROT P
Response: 200 Encrypting Data Channel.
Status: Connected
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is current directory.
Command: TYPE I
Response: 200 Type set to I
Command: PASV
Response: 227 Entering Passive Mode (172,22,22,22,4,0)
Status: Server sent passive reply with unroutable address. Using server address instead.
Command: MLSD
Error: GnuTLS error -53: Error in the push function.
Error: Connection timed out
Error: Failed to retrieve directory listing
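
The 227 reply in the log above can be decoded to see which data endpoint the client ends up using. This is an added example, not part of the original post and not FileZilla or Wing FTP code; the `UNROUTABLE` list, the function names and the 203.0.113.10 control address are assumptions made for illustration.

```python
import ipaddress
import re

# The 227 line copied from the session log above.
SAMPLE_REPLY = "227 Entering Passive Mode (172,22,22,22,4,0)"

# Assumption: "unroutable" means RFC 1918, loopback or link-local space.
UNROUTABLE = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16")]

PASV_RE = re.compile(r"\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)")


def parse_pasv(reply):
    """Return (IPv4Address, port) from a 227 reply of the form (h1,h2,h3,h4,p1,p2)."""
    if not reply.startswith("227"):
        raise ValueError("not a 227 reply")
    match = PASV_RE.search(reply)
    if match is None:
        raise ValueError("no (h1,h2,h3,h4,p1,p2) group in reply")
    nums = [int(g) for g in match.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("octet out of range")
    ip = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    port = nums[4] * 256 + nums[5]  # high byte first, then low byte
    return ip, port


def is_unroutable(ip):
    """True if the address falls in one of the UNROUTABLE networks."""
    return any(ip in net for net in UNROUTABLE)


def data_endpoint(reply, control_peer):
    """Pick the data-connection target the way the log's Status line describes.

    If the server advertises an unroutable address while the control
    connection went to a routable one, use the control address instead.
    Returns (host, port, substituted).
    """
    ip, port = parse_pasv(reply)
    peer = ipaddress.IPv4Address(control_peer)
    substituted = is_unroutable(ip) and not is_unroutable(peer)
    return str(peer if substituted else ip), port, substituted


if __name__ == "__main__":
    # 203.0.113.10 stands in for the scrubbed public address x.x.x.x.
    print(data_endpoint(SAMPLE_REPLY, "203.0.113.10"))
```

For the reply in the log this gives port 1024 on the address the control connection used, so the address substitution alone does not help unless the firewall also forwards that data port to the server.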
Re: FTPS not working. Server IP is private. FW doing NAT

Post by FTP » Sat Oct 29, 2011 1:38 am

Please refer to this topic:
