1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

Accessing FTP site using External IP Address, blocking

Discussion in 'Other LAN and WAN' started by Mark070, May 23, 2020 at 2:09 PM.

  1. Mark070

    Mark070 Occasional Visitor

    Joined:
    Nov 18, 2019
    Messages:
    29
    Location:
    Minnesota, USA
    Hey there,

    Configuring my Dream Machine, and I have a FTP server sitting behind the firewall, address 192.168.1.5 port 6032 (SFTP).

    I added a Port Forwarding rule that maps to that, and thats all I have done in terms of the firewall/port fowarding.

    When I try to access the FTP server using my external ip address (example. 66.100.56.120:6032) from something like Filezilla, it's blocked by my firewall.

    I can ping that address (minus the port) and that works fine. I can use my internal address and that works fine. I just cannot connect using the external IP address.

    Is there something I missed? my firewall rules messed up? (attached picture of rules). Keep in mind, these are the default rules, only one added is the port forwarding.

    My EdgeRouter 4 works just fine, but the Dream Machine (defaulted state) does not seem to like it

    Thanks for any advice in advance
     

    Attached Files:

  2. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    11,663
    Location:
    UK
    FTP and SFTP are different protocols that use different ports. I can't see from your screenshots what ports you are forwarding, and you haven't shown us the FileZilla connection details.
     
  3. Mark070

    Mark070 Occasional Visitor

    Joined:
    Nov 18, 2019
    Messages:
    29
    Location:
    Minnesota, USA
    Correct, I have setup SFTP (port 6032) on my internal server. (attached picture). This has not changed, and works just fine.

    I have also attached the Port Forward Rule as well
     

    Attached Files:

  4. coxhaus

    coxhaus Part of the Furniture

    Joined:
    Oct 7, 2010
    Messages:
    3,668
    Location:
    texas
    Good to see someone using a Dream Machine.

    Any chance you need to add an ACL or port forward rule for your outside IP addresss? I would try it just to make sure it does not change things.

    Any should cover it. Maybe a public IP is not allowed.
     
  5. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    11,663
    Location:
    UK
    The port forwarding looks correct. We can see the client connects to the server but it isn't doing the key exchange.

    I would look at the logs on the server machine. I suspect it's a configuration issue with the SSH server. Sorry, I can't offer any other ideas as I don't use the same devices as you.