Request for Question Clarification by brightshadow-ga on 31 Oct 2002 14:53 PST
Port 21 is only used for a control connection. Port 20 is often used
for ASCII data. The port used for file transfers will be a fairly
random port (above port 1024).
If the router is not smart enough to determine where to route
particular connections (some will do it better than others) via NAT,
your best option is to require passive transfers on the FTP site. Any
decent FTP client has the ability to use passive transfers; just put
an announcement in the MOTD on the server that clearly indicates that
PASV must be used.
The difference is, basically, a passive FTP connection allows the
server to open the port and establish the connection, creating a TCP
connection from the inside out. Active FTP does not work well, because
the client attempts to connect to the FTP server instead of vice
versa.
Another alternative would be to see if your internet provider allows
multiple IPs on the same connection (for example, AT&T Broadband does;
for $5 a month you can get a second DHCP-allocated IP address) and
just put the system intended to run the FTP server on its own address,
and place the other machines inside the firewall/NAT.
Yet another way to go about it would be to use a plain ol' cable
modem, connect it directly to a small system running a software NAT of
some sort (a little Linux or BSD machine will work fine for this
purpose, and there are a number of Windows applications for doing this
as well if you're not comfortable with *nix operating systems) and
assign a more complex set of rules for NAT to allow the FTP to operate
more smoothly.
Is this enough information? If so, I can post it as an answer.
Otherwise, let me know if you need anything further.
-brightshadow