Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
P
P
PROger4ever2014-05-27 12:50:19
FTP
PROger4ever, 2014-05-27 12:50:19

How to properly open FTP access through Mikrotik's NAT?

Hello.
There is MikroTik-RB951G-2HnD with RouterOS v6.13. On ether1 - WAN.
There is a public address. Let's call it [public_ip].
There is a small local network 192.168.88.0/24.
This local network has a computer with IP: 192.168.88.13/32 (ether5) running FileZilla FTP Server version 0.9.41 beta. Listen Port in FTP is set to non-standard - 38888 (I did not find where to change the port for data).
The router settings are standard, set via Quick Set.
Task: open access to this FTP server.
What's tried:
1. Make the following NAT rule:
https://docs.google.com/file/d/0B3Jvwnu0eQLXNHRWaz...
https://docs.google.com/file/d/0B3Jvwnu0eQLXX2Q1YX...
The counter of the rule increases when you try to access it from the outside (I did not add permission to the firewall - it works by itself), but there is no access to FTP.
Questions:
1. What ports do I still need to forward and what rules how to configure?
2. Is passive mode required for connecting to FTP behind NAT?
3. How to properly configure rules for passive FTP ports?
I can say that I am far from a professional in networks, so I ask you to explain in as much detail as possible (if possible - with WinBox pictures, I really don’t know how to work with the MikroTik console).
Thank you very much in advance.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
S
Sergey, 2014-05-27
@PROger4ever

When working via the FTP protocol, two connections are established between the client and the server - a control connection (commands go through it) and a data connection (files are transferred through it).
The control connection is the same for Active and Passive mode. The client initiates a TCP connection from a dynamic port (1024-65535) to port number 21 on the FTP server and says "Hi! I want to connect with you. Here is my name and my password." Further actions depend on which FTP mode (Active or Passive) is selected.
In active mode, when the client says "Hello!" it also tells the server a port number (from the dynamic range 1024-65535) so that the server can connect to the client to establish a data connection. The FTP server connects to the specified client port number using TCP port number 20 for data transfer.
In passive mode, after the client says "Hello!", the server tells the client the TCP port number (from the dynamic range 1024-65535) to which it can connect to establish a data connection.
The main difference between active FTP mode and passive FTP mode is the side that opens the data connection. In active mode, the client must accept a connection from the FTP server. In passive mode, the client always initiates a connection.
Original source
Now you can answer your own question? =)

Report
S
Shpakk, 2016-04-21
@Shpakk

In Mikrotik, you need to enable the Service port. IP - Firewall - Service Port - FTP21
Well, open port 21 in the filter rules.

Similar questions
K
Kurban Mammaev2017-01-27 19:40:49
How to change the content of a text file that is hosted on the network programmatically? 1Reply
D
Danil2017-02-06 11:46:45
How to properly organize file sharing? 1Reply
Y
yarcowen2017-02-11 19:40:07
Is it possible to create a home ftp on a simple internal ip? 0Reply
A
Artem Kaybagorov2017-02-18 19:12:56
FTP Nexentastor? 2Reply
R
Roman Alekseevich2019-07-19 17:58:31
Problem with EventEmitter in PromiseFTP module, how to catch a leak? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question