# Can't access ftp through WAN (apache works fine)



## damarious25 (Jan 5, 2012)

My first thought was I had my port forwarding setup wrong. But I don't.
Additional info just because. 
-Latest BSD release
-monowall firewall
-apache from WAN fine
-ftp from LAN fine
-port forwarding and firewall rules fine
-tried to connect from multiple sources so it wasn't specific to the WAN address.
-user and password are unchanged and work when connecting to FTP through LAN.
-I get prompted for username and password but then get denied, getting an error to confirm I have permission (which I do).

I'm just not sure how to trouble shoot this and need a nudge in the right direction. It's up and running fine because I can RDP (from WAN) to a different machine on the LAN and I can pass around files like there's no tomorrow (I'm not on site so am using SSH and RDP to various machines to try and resolve the ftp issue)... Also, from WAN, I can access the same box through SSH and Apache website is running fine. So connections are obviously getting through to the box. I've checked, re-checked, reset, rechecked and double rechecked all the rules on monowall and as far as I can tell everything is configured to forward WAN requests through port 21 to the machine... What should I be looking for next? -Thanks


----------



## SirDice (Jan 5, 2012)

damarious25 said:
			
		

> -I get prompted for username and password but then get denied, getting an error to confirm I have permission (which I do).


Post the exact error please.

We'd also like to know what version of FreeBSD (on what architecture) and which FTP server you are running.


----------



## damarious25 (Jan 6, 2012)

I was trying to connect through Windows so I was trying with browsers and by adding a network drive. The exact wording for the error has slipped my mind but it was along the lines of "can't connect, check permissions. connection timed out". Which makes no sense because over LAN the same user/pass works. And i'm not running a local DNS so it's not like IPs and hostnames were cached or anything. 
So, I get the user/pass prompt but it wouldn't connect. Yet SSH and apache are communicate fine through WAN.

It's the latest version of BSD which is what? 8.2 right now? And it's i386.

I've played with rc.conf a little and tried running ftp with both ftpd_enable and intd_enable but neither helps. 


Either way, thanks for the assistance so far Dice


----------



## damarious25 (Jan 6, 2012)

New to the forum so I'm not sure how to mark this as solved, but it is.... Sort of. 

I found information from another forum (http://forum.m0n0.ch/index.php?topic=3051.0) where users claim there are issues with monowall and certain broadcom chips. I didn't even bother to check my machine because I was pretty certain I had exhausted all other possibilities. So I just migrated over the pfsense and the things working perfect. Now I can access ftp from WAN connections.


----------



## SirDice (Jan 6, 2012)

You're probably running into the age old passive vs. active FTP.

http://slacksite.com/other/ftp.html


----------

