What's new

Accessing FTP site using External IP Address, blocking

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Mark070

Regular Contributor
Hey there,

Configuring my Dream Machine, and I have a FTP server sitting behind the firewall, address 192.168.1.5 port 6032 (SFTP).

I added a Port Forwarding rule that maps to that, and thats all I have done in terms of the firewall/port fowarding.

When I try to access the FTP server using my external ip address (example. 66.100.56.120:6032) from something like Filezilla, it's blocked by my firewall.

I can ping that address (minus the port) and that works fine. I can use my internal address and that works fine. I just cannot connect using the external IP address.

Is there something I missed? my firewall rules messed up? (attached picture of rules). Keep in mind, these are the default rules, only one added is the port forwarding.

My EdgeRouter 4 works just fine, but the Dream Machine (defaulted state) does not seem to like it

Thanks for any advice in advance
 

Attachments

  • Firewallrules.PNG
    Firewallrules.PNG
    318 KB · Views: 230
FTP and SFTP are different protocols that use different ports. I can't see from your screenshots what ports you are forwarding, and you haven't shown us the FileZilla connection details.
 
Correct, I have setup SFTP (port 6032) on my internal server. (attached picture). This has not changed, and works just fine.

I have also attached the Port Forward Rule as well
 

Attachments

  • PF6032.PNG
    PF6032.PNG
    20.3 KB · Views: 281
  • SynSFTP.PNG
    SynSFTP.PNG
    184.7 KB · Views: 261
  • FTPLog.PNG
    FTPLog.PNG
    23.1 KB · Views: 234
Good to see someone using a Dream Machine.

Any chance you need to add an ACL or port forward rule for your outside IP addresss? I would try it just to make sure it does not change things.

Any should cover it. Maybe a public IP is not allowed.
 
The port forwarding looks correct. We can see the client connects to the server but it isn't doing the key exchange.

I would look at the logs on the server machine. I suspect it's a configuration issue with the SSH server. Sorry, I can't offer any other ideas as I don't use the same devices as you.
 
Turns out, I believe, as I have the FTP server down right now; the current stable UDM firmware has an issue with Hairpinning/loopback Nat (?) when the IP Address is 192.168.1.1. They have a fix in a newer RC version of the framework. In the meantime, I moved my network to the 192.168.10.1 address. That seems to allow me to use the external address.

Thanks for the help.
 

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top