linux
TomaZ Vazovsky, 2013-11-28 23:43:55

VMware changing port for passive ftp connection?

My machine (Ubuntu 13.10) has VMware Player 6.0.1 installed.
In it I run BitrixVM4.2, which is in fact CentOS 6.3.
The virtual machine is running vsftpd on port 21. Its config:

listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022

dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES

xferlog_std_format=YES

pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES

chroot_local_user=YES

pasv_enable=YES
pasv_min_port=10121
pasv_max_port=10123
pasv_address=127.0.0.1

But I have almost no doubts about it; on another server this config (only without the redefinitions for pasv) works fine.
We knock on our ftp through NAT configured in VMware; its config:
[host]
ip = 192.168.117.2
netmask = 255.255.255.0
device = /dev/vmnet8
activeFTP = 0
allowAnyOUI = 1
resetConnectionOnLinkDown = 1
resetConnectionOnDestLocalHost = 1

[tcp]
timeWaitTimeout = 30

[udp]
timeout = 60

[netbios]
nbnsTimeout = 2
nbnsRetries = 3
nbdsTimeout = 3

[incomingtcp]
2222  = 192.168.117.128:22
10021 = 192.168.117.128:21
10080 = 192.168.117.128:80
10033 = 192.168.117.128:33
#ftp-passive ports
10121 = 192.168.117.128:10121
10122 = 192.168.117.128:10122
10123 = 192.168.117.128:10123

[incomingudp]

This is how it works:
> telnet 127.0.0.1 10021
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
220 (vsFTPd 2.2.2)
user bitrix
331 Please specify the password.
pass bitrix
230 Login successful.
pasv
227 Entering Passive Mode (127,0,0,1,167,77).
list

- we knock on 127.0.0.1:10021 and reach our vsftpd;
- log in, switch to passive mode (then ask for LIST);
And here it gets interesting:
we get the answer: "227 Entering Passive Mode (127,0,0,1,164,77)";
i.e. we need to connect to 127.0.0.1:42061 (164 << 8 + 77).
But how? vsftpd can only open ports for passive mode in the range 10121-10123.
Which is what it actually does: looking at the server, we see it waiting on an open port, 192.168.117.128:10122.
And 127.0.0.1:42061 is kindly opened by VMware (it is listed under the vmnet-natd process).
Only, if we knock on it, we get nothing:
> telnet 127.0.0.1 42061
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
Connection closed by foreign host.

If we connect to 127.0.0.1:10122, we get what we wanted (for example, the LIST output).
In addition, if you access vsftpd from the guest OS (without NAT), then everything is fine: for passive mode, the port that is actually open is returned; we connect there and pick up the result.
But if from the base OS, through NAT, then somehow VMware replaces the port in the "227" response and makes the client knock on VMware itself, but does not answer.
Any help is welcome:
- can someone explain to me, fool that I am, what I'm doing wrong;
- or tell me a better way to forward ftp through VMware.
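
The check described in the question, as an added example that is not part of the original post: it decodes the host and port from a 227 reply and compares the port with the pasv_min_port/pasv_max_port range in vsftpd.conf, so a port the server could never have opened shows that the reply was changed between server and client. The function names are hypothetical; the sample config and reply are constructed from the values quoted in the post.

```python
import re

# Sample inputs constructed from the values quoted in the post.
VSFTPD_CONF = """\
pasv_enable=YES
pasv_min_port=10121
pasv_max_port=10123
pasv_address=127.0.0.1
"""
REPLY = "227 Entering Passive Mode (127,0,0,1,164,77)."

PASV_RE = re.compile(r"^227 .*?\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)")


def parse_pasv(reply):
    """Return (host, port) from a 227 reply (RFC 959: h1,h2,h3,h4,p1,p2)."""
    m = PASV_RE.match(reply.strip())
    if not m:
        raise ValueError("not a 227 passive-mode reply: %r" % reply)
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("octet out of range in %r" % reply)
    # Parenthesise the shift: in Python `p1 << 8 + p2` means p1 << (8 + p2).
    return ".".join(map(str, nums[:4])), (nums[4] << 8) + nums[5]


def pasv_range(conf_text):
    """Read pasv_min_port / pasv_max_port from vsftpd.conf text."""
    opts = {}
    for line in conf_text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            opts[key.strip()] = value.strip()
    return int(opts["pasv_min_port"]), int(opts["pasv_max_port"])


def check_reply(reply, conf_text):
    """Compare the advertised data port with what the server can open."""
    host, port = parse_pasv(reply)
    low, high = pasv_range(conf_text)
    # Outside the configured range: the server cannot have sent this port.
    rewritten = not (low <= port <= high)
    return {"host": host, "port": port, "range": (low, high),
            "rewritten_in_transit": rewritten}


if __name__ == "__main__":
    print(check_reply(REPLY, VSFTPD_CONF))
```
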

2 answer(s)
TomaZ Vazovsky, 2013-11-29
@Keksinautin

So far, I have solved the problem for myself by giving up on NAT and using Bridged (the virtual machine receives a separate IP on the local network). But if the answer to the question is still found, IMHO, it will be very useful, because I didn't find the answer on Google.

kenny_opennix, 2013-11-29
@kenny_opennix

I opened my config; I also added these lines:

pasv_promiscuous=YES
pasv_address=ip
