
Bizarre DNS (or hosting??) FTP problem..

Alright..

My DNS and most of my websites are hosted with godaddy. I use their totaldns setup to control all of my domains. My main site (company.com) is hosted elsewhere.

I have a locally hosted FTP server with its own public IP (xx.xx.xx.55). I use total DNS to forward ftp.company.com to my public IP xx.xx.xx.55. I have my router set to push port 21 from .55 to the separated internal .18 address of my FTP server (a Thecus N5200)

I also set up my internal DNS for .18 to resolve to ftp.company.com

Cookie cutter FTP setup, done it 101 times. Works fine from inside. ftp://company.com From outside I get some other FTP server with 1 file I don't recognize and a bunch of corrupted folder names. WTF

I triple checked DNS, I even used a different external IP thinking my ISP has something screwed up. I get the same 'unknown' FTP server.

Thoughts?

I need to try disabling my external IP and/or totally turning off my FTP server. I have a sneaking suspicion that something is off with my godaddy DNS settings..

Edit:

Ok, my FTP device is turned off yet I'm still able to connect to some FTP server somewhere.
 
Ok another thing that's odd - in the DNS control panel I have vpn.company.com, mail.company.com etc. But when I try to enter ftp.company.com the form or website automatically changes it to simply ftp..
 
FTP negotiates other ports at the application layer in active mode. It takes very special settings to get FTP to work right with a firewall and NAT. Google will help.

If your firewall doesn't inspect layer7 stuff and change the information it gets even more cumbersome.
 
Arg... It's a watchguard box, which I'm not particularly fond of. There's little documentation for stuff like this. I've tried the ftp proxy, packet filter, etc.


I'll look into the documentation further tomorrow - Thanks for the help.
 
The watchguard should be able to handle FTP and change the L7 information needed. FTP doesn't work like a normal "open a port" application. There is a control channel (21) and a data channel (changes each session depending on how server is configured and client) so you can't just forward ports.

Your trouble is typical with firewall/NAT and FTP.

Google gave me this and it does a good job of explaining it.
http://www.ncftp.com/ncftpd/doc/misc/ftp_and_firewalls.html
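
The control/data split described in the posts above, as an added example that is not part of the original thread: the data endpoint travels inside the FTP payload as six comma-separated bytes, so a NAT that only forwards port 21 passes the server's internal address straight through to outside clients. The function names and the addresses (192.168.1.18 internal, 203.0.113.55 public) are constructed for illustration.

```python
import ipaddress
import re

# RFC 959 host-port field: h1,h2,h3,h4,p1,p2 (used by PORT and the 227 PASV reply).
_HOSTPORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample: what a server behind NAT sends when nothing rewrites layer 7.
SAMPLE_PASV = "227 Entering Passive Mode (192,168,1,18,195,80)."
PUBLIC_IP = "203.0.113.55"  # constructed public address of the NAT device

def parse_hostport(line):
    """Return (IPv4Address, port) advertised in a PORT command or 227 reply."""
    m = _HOSTPORT.search(line)
    if not m:
        raise ValueError("no h1,h2,h3,h4,p1,p2 field in %r" % line)
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("byte out of range in %r" % line)
    return ipaddress.IPv4Address(".".join(map(str, nums[:4]))), nums[4] * 256 + nums[5]

def check_data_endpoint(line, control_peer):
    """Compare the advertised data address with the control connection's peer address."""
    ip, port = parse_hostport(line)
    if ip == ipaddress.IPv4Address(control_peer):
        return "ok", str(ip), port
    if any(ip in net for net in RFC1918):
        # The other side is told to open the data channel to an unroutable address.
        return "private-address-leaked", str(ip), port
    return "address-mismatch", str(ip), port

def rewrite_hostport(line, public_ip):
    """What an FTP-aware NAT does: swap in the public address, keep the port bytes."""
    _, port = parse_hostport(line)
    field = ",".join(public_ip.split(".") + [str(port // 256), str(port % 256)])
    return _HOSTPORT.sub(field, line, count=1)

if __name__ == "__main__":
    print(check_data_endpoint(SAMPLE_PASV, PUBLIC_IP))
    fixed = rewrite_hostport(SAMPLE_PASV, PUBLIC_IP)
    print(fixed, check_data_endpoint(fixed, PUBLIC_IP))
```

Run against the 227 line from a real client's debug output, this shows whether the firewall's FTP handling is actually rewriting the reply.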
 
Yup I know - the watchguard box has a special FTP rule but it doesn't seem to be working correctly (or I don't have it configured properly).. I'll do some more troubleshooting and will report back.

Thanks again
 