FTP access throught NAT ??

RouterOS General
1

Hi,

I’m confused how to setup my router to allow pass-through traffic from an specific outside ip on internet to an ftp server in my lan ! I tried following rules but it doesn’t work :frowning:

/ip firewall nat> add chain=dst-nat src-address=public-ip-of-remote-server dst-port=20 action=dst-nat protocol=tcp to-address=192.168.1.40 to-port=20
/ip firewall nat> add chain=dst-nat src-address=public-ip-of-remote-server dst-port=21 action=dst-nat protocol=tcp to-address=192.168.1.40 to-port=21

Did I miss something ? the remote ftp client is a server with full direct internet IP address :slight_smile:

Thanks,

Vincèn

2

Configure your FTP sever to passive mode, set passive mode custom port range, then allow this port range in your DST-NAT rules.

HTH,

3

Thanks for the idea of the passive mode, it resolved the issue :slight_smile:

Thanks :wink:

Vincèn