Network Admin/Engineer question

Toggle sidebar Toggle sidebar
P

ppaik

Platinum Member
Nov 11, 2000
2,408
0
76
I was discussing this with my co-worker and I think it is possible, but he says its not...I haven't been able to do it so far...so he looks to be right...

We are behind a firewall with 1 public IP address. The Network Engineer forwarded port 7777 to my computer's ip address which is a private IP (192.168...). We have an FTP server running on port 21 already...so is it possible to setup an FTP server on my computer with port 7777? I tried to configure the FTP server settings and I was able to log into my FTP server from any computer in office...however from outside the public IP...it gives me an error port 500. I think there should be a way to work around this, however my co-worker is saying that by default the ftp port is 21 and therefore it wont work.

Is this true that it won't work...or if it's not...Any ideas?

Thanks in advance.

Phil
 
W

WiseOldDude

Senior member
Feb 13, 2005
702
0
0
change the FTP server on you PC to listen to a different port, then have the router forward port 7777 requests to your IP on which ever port number you have it listening to.
 
P

ppaik

Platinum Member
Nov 11, 2000
2,408
0
76
I have done that I think. The Network Engineer forwarded all public IP port 7777 to my internal IP address. On my computer I changed the FTP port to 7777.

It works in the office, however outside IP addresses get a port error number.

ftp://publicIP:7777

 
dphantom

dphantom

Diamond Member
Jan 14, 2005
4,763
327
126
I believe from outside on the public network, your PC has to have a route to it using a routable IP address like 24.x.x.x. 192 would not work even with the port forwarded to 7777.

If you VPN in, then it will work because now you are on the inside network via a tunnel.
 
Fardringle

Fardringle

Diamond Member
Oct 23, 2000
9,200
765
126
I have an FTP server running on my home PC to provide easy access to files I need while travelling and working at client sites. My PC is behind a router and with the router configured to forward the correct port (I use 2121) to my PC and the FTP software on my computer configured to listen to port 2121, I don't have any problem at all connecting from any remote computer using ftp://[i]publicIP[/i]:2121. If you are able to connect to your computer using port 7777 from other PCs on your internal network, then your FTP software is set up properly and I would suspect that the port forwarding is not configured correctly on the router. "Error 500 Illegal Port" usually means that the destination address has either blocked the port number or does not know what to do with it.
 
P

ppaik

Platinum Member
Nov 11, 2000
2,408
0
76
I thought it was a forwarding issue as well, but when configured Warcraft III with port 7777, I was able to host games.

This is a very odd problem...and from what the Network Engineer saw, he said that port 7777 is correctly routing to my computer. Then he said something about default port 21 and how FTP by default will point there first.
 
dphantom

dphantom

Diamond Member
Jan 14, 2005
4,763
327
126
That's what I said "public Ip" not private. Need to route to the public IP of your router that will then forward to teh correct port. 192 addresses are private and non-routable. Should work just fine once you get teh routing squared away. You can forward any service to any port, 21 to 9999 or whatever so long as the router knows where to move packets.
 
W

WiseOldDude

Senior member
Feb 13, 2005
702
0
0
private IP addresses are routable, they are routed on corporate networks all the time. the 3 ranges of private networks may not be used on the internet.

Port forwarding on a router takes traffic incoming from the internet on a specific port and redirects that traffic to the private IP address and port number you configure in the router.
 
dphantom

dphantom

Diamond Member
Jan 14, 2005
4,763
327
126
Originally posted by: WiseOldDude
private IP addresses are routable, they are routed on corporate networks all the time. the 3 ranges of private networks may not be used on the internet.

Port forwarding on a router takes traffic incoming from the internet on a specific port and redirects that traffic to the private IP address and port number you configure in the router.
Click to expand...

I know how to route non-routable IP addresses. Do it everyday. Here's a link to what routable and non-routable means. My background is Cisco routing so that is my frame of reference. Where probably meaning th same thing, just using different terminology.

http://www.easydesksoftware.com/news/news28.htm
 
P

ppaik

Platinum Member
Nov 11, 2000
2,408
0
76
I'm confused...

Like I said, When I host WCIII game, anyone from the outside world can hit my computer using port 7777. So how is it still a routing issue? port 7777 = 192.168.x.x

It tells to point to my computer and it does...only thing it doesn't do is ftp.

On a side note, I tried with a vpn connection last night and that worked out, but unfortunately, I cannot give my vpn settings out to the people I want to serve my files too.
 
I

imported_Phil

Diamond Member
Feb 10, 2001
9,837
0
0
Originally posted by: dphantom
Originally posted by: WiseOldDude
private IP addresses are routable, they are routed on corporate networks all the time. the 3 ranges of private networks may not be used on the internet.

Port forwarding on a router takes traffic incoming from the internet on a specific port and redirects that traffic to the private IP address and port number you configure in the router.
Click to expand...

I know how to route non-routable IP addresses. Do it everyday. Here's a link to what routable and non-routable means. My background is Cisco routing so that is my frame of reference. Where probably meaning th same thing, just using different terminology.

http://www.easydesksoftware.com/news/news28.htm
Click to expand...

You're not the brightest tool in the box, are you? He's already stated several times that he's using the Public IP when he's outside the internal network.

If the port-forwarding is set up correctly on the edge router, then there shouldn't be any problem at all.

ppaik, have you tried ftp://<username>:<password>@<publicIP>:7777

eg.

ftp://myuser:mypass@1.2.3.4:7777
 
ZYFER

ZYFER

Senior member
Nov 2, 2002
720
5
81
ftp tends to operate on ports 20 and 21 by default, using port 20 for ftp-data relating to the connection and port 21 for the actual files being sent back and forth. you would need port 20 open more likely for everything to go well.
Your ftp will work in the private network since it doesn't have to go through the firewall, but without the needed ports forwarded it will not work properly.
 
I

imported_Phil

Diamond Member
Feb 10, 2001
9,837
0
0
Originally posted by: ZYFER
ftp tends to operate on ports 20 and 21 by default, using port 20 for ftp-data relating to the connection and port 21 for the actual files being sent back and forth. you would need port 20 open more likely for everything to go well.
Your ftp will work in the private network since it doesn't have to go through the firewall, but without the needed ports forwarded it will not work properly.
Click to expand...

Have you even read the thread properly?
 
D

DaiShan

Diamond Member
Jul 5, 2001
9,617
1
0
Originally posted by: ppaik
I thought it was a forwarding issue as well, but when configured Warcraft III with port 7777, I was able to host games.

This is a very odd problem...and from what the Network Engineer saw, he said that port 7777 is correctly routing to my computer. Then he said something about default port 21 and how FTP by default will point there first.
Click to expand...

??? Where do you work? They let you host games off their bandwidth? Also ftp will auto check port 21 first IF you don't specify an alternative port. publicip:7777 is specifying an alternative port. Either your admin is lying to you about forwarding a port to your computer, or, he is completely incompetent.
 
W

WiseOldDude

Senior member
Feb 13, 2005
702
0
0
Originally posted by: dphantom

I know how to route non-routable IP addresses. Do it everyday. Here's a link to what routable and non-routable means. My background is Cisco routing so that is my frame of reference. Where probably meaning th same thing, just using different terminology.
Click to expand...
Listen to yourself, "I know how to route non-routable blah... blah" Does that may any sense to you? You may know how to route "private" addresses, which may not be used on a "public" network. You cannot "route" them TO the internet but that does not make them non-routable.

Cisco background, CCNA?, CCNP?, saw a router once?


 
dphantom

dphantom

Diamond Member
Jan 14, 2005
4,763
327
126
Originally posted by: WiseOldDude
Originally posted by: dphantom

I know how to route non-routable IP addresses. Do it everyday. Here's a link to what routable and non-routable means. My background is Cisco routing so that is my frame of reference. Where probably meaning th same thing, just using different terminology.
Click to expand...
Listen to yourself, "I know how to route non-routable blah... blah" Does that may any sense to you? You may know how to route "private" addresses, which may not be used on a "public" network. You cannot "route" them TO the internet but that does not make them non-routable.

Cisco background, CCNA?, CCNP?, saw a router once?
Click to expand...


CCNA, 7204 VXR (2) 4507R, 1750s 3548s Pix 525 f/o 15 years working, handle MX records, host web sites, route traffic in/out. What more do you want to know??

I know I canot route private addresses to the internet. I can map my public ip addrsses to internal non-routable ip, 10.x.x.x, 172 and 192 class ip's. Have to do it to gain access to certain services we host on the inside to external customers on the public internet.

All I was making sure of in my first response on this entire thread was to ensure he was using a publci ip address and not private. Once he confrmed that, it all becomes a routing problem somewhere.

Chill out for a bit. We're all just trying to help out here.

EDIT: not counting old stuff like 2500, 1600s 1900s, HP managed hubs............
 
ZYFER

ZYFER

Senior member
Nov 2, 2002
720
5
81
Originally posted by: Dopefiend

Have you even read the thread properly?
Click to expand...

your rude behavior isn't really necessary, since we are all trying to help here, many don't realize you need port 20 for active communications, otherwise passive would need to be used, what makes you think you can act like a know it all?
 
I

imported_Phil

Diamond Member
Feb 10, 2001
9,837
0
0
Originally posted by: ZYFER
Originally posted by: Dopefiend

Have you even read the thread properly?
Click to expand...

your rude behavior isn't really necessary, since we are all trying to help here, many don't realize you need port 20 for active communications, otherwise passive would need to be used, what makes you think you can act like a know it all?
Click to expand...

If the port on the server is set to 7777 as per the OP, and that particular port is forwarded on the router from the WAN-side to LAN-side onto the server, then the connection will happen. I regularly FTP into my machine here behind a NAT firewalled router from work.

Your other "comments", however, did bring a smile to my face. Good for you, little man.
 
E

eclips

Junior Member
Mar 10, 2005
8
0
0
Seems I found how to get it to work, but not a permanent solution. Port 21 works fine, but any specified poft doesn't. I assume something with NAT? Any ideas
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom