Hi Need some help,
Have a client who needs to connect out to an a FTP server, since swapping from watchguard to pfsense. Its stopped working. They get the below error.
I tried the same commands from other none pfsense firewalls and it works fine. I tried from multiple PFsense firewalls and its blocked. All rules say LAN - WAN allow all, so i dont know why its not working.
It looks like the FTP server is not happy accepting local connections or it is seeing the connection as local hence the 192.168.0.56 address, the FTP looks to be expecting an Internet or Public Routeable Address not an internal.
but it works from sonicwall, draytek and junipers i tested without making any firewall changes. Thats what i dont understand. Willing to pay to get this resolved.
FTP should not be used on the internet here in 2019. But it does often require more than just port 21 as there can be a second port open for the data. https://en.wikipedia.org/wiki/File_Transfer_Protocol
Just as Tom said, if you really need to use FTP - look at something else like SFTP or even SCP. FTP is insecure.
Hi think there is some confusion. I am not hosting the FTP server. The 3rd party requires us to connect to there ftp server and pull some data down. So pfsense somewhere is altering the data that’s getting sent out. So the recieving FTP server is only seeing our LAN IP and not public IP.
As you know getting 3rd party to change there program will be difficult. I don’t understand why it works fine on every other firewall without making any modifications.
OK, managed to fix this by installing FTP Proxy Plugin and selecting below.
It mentions some firewall rules being created, but i dont see anything.