hi all,
i have an RB3011UiAS-RM with Ether1 connected to fiber with internet IP static, ether2 is 192.168.1.0/24 with DHCP
everything is basic (firewall) and using masquerade and NAT to connect to fiber.
the strange thing is that FTP to the internet is not working, every machine on the inside network is not getting a connection on FTP. the FTP helper is on and there are no rules blocking port 21 to the internet.
software version is V6.38.5
can anyone give me some advice?
Do your filter forward rules include accepting ‘related’ connections as well as ‘established’?
Can you telnet to ftp server from host on your lan?(using port 21)
no telnet possibe, connection timed out
how do i do that? can i print a list of the NAT rules or do you need to see the firewall rules?
That would be part of the firewall ‘filter’ rules, not NAT. By default, it’s part of the first FastTrack and Accept forward rules. But if you’re getting connection timeouts with specifying port 21 via telnet to the ftp servers, something else is likely wrong as that’s the main ftp command port and not the related data channels.
But an export of all your firewall rules may help.
the sollution was the option “local” as in the traffic should be local because the NAT was picking up the outgoing traffic and reversing it as in the NAT rule