FTP setup w/ a gateway?

General discussion of Anime Music Videos
Locked
User avatar
y2kwizard
Joined: Sun Aug 18, 2002 2:54 pm
Location: Memphis, TN
Contact:
Org Profile

FTP setup w/ a gateway?

Post by y2kwizard » Sun Aug 18, 2002 2:59 pm

Hello. I have been trying to set up an FTP server so that I can share AMV's with the world. I'm having trouble.

The main reason I'm having trouble is because my house has a network that shares a cable connection between 3 computers using a DLink Gateway router (mine's a DI-704).

I need to know what settings I need to use in order to let me use my FTP server so that others can access it.....does anyone have a clue? Thanks.

trythil
is
Joined: Tue Jul 23, 2002 5:54 am
Status: N͋̀͒̆ͣ͋ͤ̍ͮ͌ͭ̔̊͒ͧ̿
Location: N????????????????
Org Profile

Post by trythil » Sun Aug 18, 2002 3:43 pm

You must configure your router to allow outgoing, not previously-established (i.e. it must be able to allow a server on your end to establish a connection) TCP traffic on port 21. The reason that I added the established keyword in there is because some routers (e.g. CISCO) can differentiate between non-established and established TCP traffic; if yours can, you must configure it properly.

If you want to allow people to use port mode transfer, you must open port 20 in a similar manner. Otherwise, tell people to use passive mode transfer.

User avatar
y2kwizard
Joined: Sun Aug 18, 2002 2:54 pm
Location: Memphis, TN
Contact:
Org Profile

Post by y2kwizard » Sun Aug 18, 2002 3:56 pm

OK, I did that. One question, though: How do I know if my IP address is unique? What I mean is that my manual for my router says that there is a default IP address for ALL DI-704's, and it's something like 192.168.0.1. How do I know that my IP address is unique?

Also, i'm getting conflicting messages. When i go to www.whatismyipaddress.com I get a message saying my IP address is 24.24.117.168 while my Network Settings in Windows says that my IP address is 192.168.0.160. What gives? Thanks a lot!!

User avatar
NicholasDWolfwood
Joined: Sun Jun 30, 2002 8:11 pm
Location: New Jersey, US
Org Profile

Post by NicholasDWolfwood » Sun Aug 18, 2002 4:19 pm

24.24.117.168 would be your external IP address. Any IP address with a beginning prefix of 192.168.* is an internal IP address, which only people on your network can access. Anybody from the outside world would have to use the IP address of 24.24.117.168.

User avatar
y2kwizard
Joined: Sun Aug 18, 2002 2:54 pm
Location: Memphis, TN
Contact:
Org Profile

Post by y2kwizard » Sun Aug 18, 2002 4:28 pm

hmmm...odd...when I tell the server (I'm using bulletproof) to use 24.24.117.168 , it will not work, but when I tell it to use 192.168.0.160 it DOES work. Does anyone have ANY CLUE as to why this happens? Could you try accessing ftp://24.24.117.168 and see if youget anything? I've enabled the router to listen to port 21...but what's up with these IP woes? Sorry I'm such a newbie :oops:

User avatar
y2kwizard
Joined: Sun Aug 18, 2002 2:54 pm
Location: Memphis, TN
Contact:
Org Profile

Post by y2kwizard » Sun Aug 18, 2002 4:29 pm

Oh, yeah, and I forgot to mention that when I try to go to ftp://192.168.0.160 it works fine (because it's local) but when I try to go to ftp://24.24.117.168

User avatar
y2kwizard
Joined: Sun Aug 18, 2002 2:54 pm
Location: Memphis, TN
Contact:
Org Profile

Post by y2kwizard » Sun Aug 18, 2002 4:53 pm

it doesn't work at all.

trythil
is
Joined: Tue Jul 23, 2002 5:54 am
Status: N͋̀͒̆ͣ͋ͤ̍ͮ͌ͭ̔̊͒ͧ̿
Location: N????????????????
Org Profile

Post by trythil » Sun Aug 18, 2002 4:58 pm

192.168.*.* is a class C private address space.

A simple router has two IP addresses: one that interfaces to one network, and a second that interfaces to a second network. Your setup would therefore look like:

192.168.0.* [private network] <--> router <--> RoadRunner network (24.24.*.*]

Your router should have the address 24.24.117.168 on the external interface, and the address 192.168.0.160 on the internal interface.

It works fine here:

Code: Select all

trythil@beleriand trythil $ nmap -P0 -p 20,21 24.24.117.168
Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
Interesting ports on cpe-024-024-117-168.midsouth.rr.com (24.24.117.168):
Port       State       Service
20/tcp     filtered    ftp-data                
21/tcp     open        ftp                     

Nmap run completed -- 1 IP address (1 host up) scanned in 3 seconds

trythil@beleriand trythil $ ftp 24.24.117.168
Connected to 24.24.117.168.
220 BulletProof FTP Server ready ...
Name (24.24.117.168:trythil): 
I do, however, have a friend who has had the exact same problems with LinkSys routers. As I'm not aware of their individual quirks, I'll have to ask him what he did to get around the problems.

User avatar
NicholasDWolfwood
Joined: Sun Jun 30, 2002 8:11 pm
Location: New Jersey, US
Org Profile

Post by NicholasDWolfwood » Sun Aug 18, 2002 4:59 pm

ftp://24.24.117.168/ works for me, but not for you because you're on the internal network. If you tried to access ftp://192.168.0.160 from any computer other than one that's on your home network/router, it will not work. But ftp://24.24.117.168/ will if you're on a PC that's not on the network.

trythil
is
Joined: Tue Jul 23, 2002 5:54 am
Status: N͋̀͒̆ͣ͋ͤ̍ͮ͌ͭ̔̊͒ͧ̿
Location: N????????????????
Org Profile

Post by trythil » Sun Aug 18, 2002 5:06 pm

NicholasDWolfwood wrote:ftp://24.24.117.168/ works for me, but not for you because you're on the internal network. If you tried to access ftp://192.168.0.160 from any computer other than one that's on your home network/router, it will not work. But ftp://24.24.117.168/ will if you're on a PC that's not on the network.
AFAIK it should work regardless. A request to connect to 24.24.117.168 on port 21 should be handled by the router as:

(1) incoming request from 192.168.0.*
(2) check routing tables for 24.24.117.168
(3) 24.24.117.168 is me, connect to port 21

then, when established:
(1) check access lists, validate
(2) if valid, check NAT tables for address mapping to attempted connection on port 21

Locked

Return to “General AMV”