Cannot access my ftp site via ISP dynamic IP Address

Cannot access my ftp site via ISP dynamic IP Address

Post by Johnny Cha » Sat, 06 Jan 2001 22:28:13



I cannot access my FTP site outside my network(in office). I did install the
FTP package(wu-ftpd-2.6.0-3) and I can ping the dynamic IP address(from ISP)
through any host inside my network(at home), without any problem.

I have 3 computers in my network. I use Linux(Redhat 6.2) as a gateway to
internet via the IP MASQ.

My network setup :
Computer 1 - Redhat Linux Server :
NIC eth0(3Com) : connect to Internet Service Provider
NIC eth1(3Com) :  connect to network hub(ip address 192.168.0.196, netmask :
255.255.255.0)
Daemon : anacron, atd, autofs, crond, httpd, identd, inet, ipchains,
keytable, kudzu, linuxconf, lpd, netfs, network, nfs, portmap, smb, squid,
syslog and xfs

Computer 2 - Window Box :
NIC(3Com) : connect to network hub(ip address 192.168.0.195, netmask :
255.255.255.0)

Computer 3(Notebook) - Window Box :
NIC : connect to network hub(ip address 192.168.0.197, netmask :
255.255.255.0)

Can anyone find out the problem in my linux box so that I cannot access my
personal ftp site(located at home) when I use my computer in office? I
suspect I need to set something via "ipchain" in my linux box.

 
 
 

Cannot access my ftp site via ISP dynamic IP Address

Post by Peter T. Breue » Sat, 06 Jan 2001 22:55:23



Quote:> I cannot access my FTP site outside my network(in office). I did install the
> FTP package(wu-ftpd-2.6.0-3) and I can ping the dynamic IP address(from ISP)

And did you configure your ftp server?

Peter

 
 
 

Cannot access my ftp site via ISP dynamic IP Address

Post by Carsten Cimande » Tue, 09 Jan 2001 19:48:35


Hi,

seems as if you use ipchains for firewalling and masquerading.
But masquerading normally is done "one way" that means for security
reasons
you can do from inside your network almost anything you like to the
outside,
e.g. initiate a FTP connection.
But as the 192.168.X  networks are "private" they are not routed in the
internet.
So clients with these adresses can't be reached from the outside when
trying to
connect to them directly. So no direct FTP-connection to these clients
from the outside
is possible.

If you want to do this, you have to use/install iptables which provides
full NAT.
This allows you to assign a pool of "private" addresses to one ore more
"public" or
"official" ip-adresses. iptables is available for kernels 2.4.0 and
higher or as a patch
for Kernels 2.2.xx as a patch.

Alternatively you can log in to your linux-router via ssh (I would not
recommend to use
telnet due to security) and then start ftp to the other clients.

Hope that helps a bit.
Carsten

 
 
 

1. Cannot access my FTP site via ISP dynamic IP Address

I cannot access my FTP site outside my network(in office). I did install the
FTP package(wu-ftpd-2.6.0-3) and I can ping the dynamic IP address(from ISP)
through any host inside my network(at home), without any problem.

I have 3 computers in my network. I use Linux(Redhat 6.2) as a gateway to
internet via the IP MASQ.

The content of rc.firewall in Linux is as follows :

************************
/sbin/depmod -a
/sbin/modprobe ip_masq_ftp
/sbin/modprobe ip_masq_raudio
/sbin/modprobe ip_masq_irc
/sbin/modprobe ip_masq_cuseeme
/sbin/modprobe ip_masq_vdolive
echo "1" > /proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/ipv4/ip_always_defrag
echo "1" > /proc/sys/net/ipv4/ip_dynaddr
echo "1" > /proc/sys/net/ipv4/ip_masq_udp_dloose
/sbin/ipchains -M -S 7200 10 160
/sbin/ipchains -P forward DENY
/sbin/ipchains -A forward -i eth0 -s 192.168.0.0/24 -j MASQ
*****************

My network setup :
Computer 1 - Redhat Linux Server :
NIC eth0(3Com) : connect to Internet Service Provider?t
NIC eth1(3Com) :  connect to network hub(ip address 192.168.0.196, netmask :
255.255.255.0)
Daemon : anacron, atd, autofs, crond, httpd, identd, inet, ipchains,
keytable, kudzu, linuxconf, lpd, netfs, network, nfs, portmap, smb, squid,
syslog and xfs

Computer 2 - Window Box :
NIC(3Com) : connect to network hub(ip address 192.168.0.195, netmask :
255.255.255.0)

Computer 3(Notebook) - Window Box :
NIC : connect to network hub(ip address 192.168.0.197, netmask :
255.255.255.0)

Can anyone find out the problem in my linux box, especially the rc.firewall
script so that I cannot access my
personal ftp site(located at home) when I use my computer in office? I
suspect the problem came from "ipchain" in my linux box.

2. Apache scoreboard help

3. Cannot FTP via IP MASQUERADE with IP tables

4. Status of sound problems on Powerbook G3

5. 2.4 PPP to ISP w/ dynamic IP addresses

6. MultiBoot

7. dynamic ip address - how to get to know my ip address?

8. No sound with PCI soundcard CMI8738.

9. can't host a site using dynamic ip address?

10. cannot seem to be able to access any ftp sites

11. How to access ftp sites' archives via E-Mail?

12. cannot access via ftp

13. Apache: access control via ip address