Trust someone here will point me in the right direction albeit other documentation to resolve my smallish error.
First please note I am a utter-noob with Mikrotik and most of my experience has now come from the documentation on this forum. So please type slow and explain to me in understandable English
The Problem:
No client computer or server on the network can access any external ftp sites i.e. ftp.hp.com, only error I have is either the connection timed out or connecting from command prompt displays connect:Unknown error number
The Setup:
Client PC (multiple) connects to Server 2003 STD connects to Untangle firewall connects to Mikrotik Router.
The Untangle firewall I know and all FTP access have been configured which leaves me with the MR.
The Question:
I need to know where do I configure any rules, port forwarding on the router and what exactly would I need to configure to allow access to external ftp sites/servers.
I will continue to read on the documentation to better understand the setup and configuration of the mikrotik router but will appreciate any help with said matter.
if clients have access to websites, they should have same kind of access to FTP sites unless you specifically made a firewall to block those ports. post your router config from command â/export compactâ
It helps reading the documentation I guess I was just a bit frustrated about battling so long with this problem however soon after I posted this I managed to get the ftp working with the following entry:
I am using winbox v4.11 to do the config so under IP > Firewall > NAT i added this rule:
chain=dstnat src address= (internal LAN IP[0.0.0.0/24]) protocol= 6 (tcp) dts port=21 action=dstnat to address= (Public IP of dsl router) to ports=21
However I picked up one smallish hiccup. Downloading a driver from HP keeps asking for a username and password, just like you would authenticate with any ftp server but I do know that this should not be.
Anyone got any ideas? If still needed I will post the firewall rulesâŚ
You havenât got the FTP working with the rule you made. You just forwarded the FTP requests from your clients to your router, and its the ftp service of your router that is asking for username and pass.
So disable that rule and post the config, so we can try to solve the real problem
I am really new to the mikrotik routers so if you can be patient with me through this process I would appreciate it, perhaps I will even learn some new tricks.
I have attached the router config file for your review. Please note I have not configured this router at all so I will not be able to explain why things are configured as it is.
Thank you for your time with this and any suggestions or help will be appreciated
I have removed the router config file because since I posted it I have someone from china trying to login to my router, please let me know what info I need to post without compromising my security
I have a Billion router that is managed by my ISP, this connects to my Mikrotik Router, my LAN is behind the Mikrotik. I have asked my ISP to check their router if FTP access is open and they confirmed that it is.
All default settings for FTP access on the Mikrotik Router is enabled. The problem we have is that if we want to download any file from the web that connects to a ftp server if fails i.e. ftp.hp.com
My browser shows that it is âopening ftp.hp.comâ then âconnecting to ftp.hp.comâ but hangs here until it displays a timed out message.
Anyone with an Idea that might help me please let me know cause this is now becoming a problem since some sites we work of requires the download from ftp sites.
Sorry for the problem you are having with the âchina attackerâ.
To increase security disable ssh and telnet in ip - services (i think you are having connecting tries in ssh, that is so common).
For the ftp part. To make it clear, do you have ftp access if you connect directly with the Billion, without MikroTik in the middle??
Does your firewall configuration allow ârelatedâ connections? FTP is funky in that it uses two ports and needs the related connections enabled, particulary in active mode where the remote host has to open a socket back to the client.
For starters try having your FTP client connect using passive mode, if that works the problem is probably a firewall setting.
Guys your help will be appreciated for the last week I have been learning the MikroTik router, so that is all the experience I have with these routers.
Here is a print out on my /ip firewall filter and /ip firewall nat, I hope this will help you fine poeple in providing me with the correct direction to get FTP working again.
Problem solved and I do feel like one huge sucker.
I discovered that there was two factors that was stopping the FTP access from working. To explain so you fine people can understand. I have two DSL lines feeding into my building, one is on a cisco router the other on a billion router in turn they are connected to my mikrotik router which feeds to the rest of the LAN.
under /ip routes there are routes configured to let mail and www pass through the one line and all other traffic via the other however it turns out that the billion router dsl connection was down hence ftp not working since it could not establish a connection. So i disabled the rule to pass traffic via the billion router and confirured another to allow traffic via the cisco and violaâŚftp access working again.
What I do not understand is how this was configured, why and how did we not loose complete internet connectivity.
So in my new efforts of learning the mikrotik router I will now try and find out how to do the following:
setup either (proper) load balancing or fail over that should one dsl line go down we dont loose connectivity to functions such as ftp.
Any help to point in the right direction will be greatly appreciated.
