Tamadite
12-12-2004, 02:46
I have found a strange problem in my WL-500g running firmware ver. 1.8.1.9.
When using the USB-FTP server it works perfectly on port 21 on ftp-clients running both active mode and passive mode. But if I change the port on my USB-FTP server to another port (e.g. 1050) it only works if ftp-clients use active mode.
If clients use passive ftp mode, it seems that my WL-500g does not send any SYN-ACK back when initiating the data transmission. As a summary of what I have found:
…
Client sends: PASV (to port 1050)
Server sends: Entering passive mode indicating listening port
Client sends: (ftp command, e.g. “list”, to port 1050)
Client sends: SYN (to server PASV listening port to start data transmission)
Server never sends SYN-ACK back
When looking at the log on my WL-500g I can see packets sent to the listening port that have been denied hence SYN-ACK are never sent back.
What is the reason for this?
Is the USB-FTP server behind the firewall?
If it is so, how the firewall is ruling its traffic?
PS1: Clients on the LAN have no problem with passive/active FTP, only clients in WAN have.
PS2: FTP-passive mode is used by clients/users in the WAN behind firewalls therefore it is needed to find the reason of this behaviour so users behind firewalls can reach the USB-FTP server.
When using the USB-FTP server it works perfectly on port 21 on ftp-clients running both active mode and passive mode. But if I change the port on my USB-FTP server to another port (e.g. 1050) it only works if ftp-clients use active mode.
If clients use passive ftp mode, it seems that my WL-500g does not send any SYN-ACK back when initiating the data transmission. As a summary of what I have found:
…
Client sends: PASV (to port 1050)
Server sends: Entering passive mode indicating listening port
Client sends: (ftp command, e.g. “list”, to port 1050)
Client sends: SYN (to server PASV listening port to start data transmission)
Server never sends SYN-ACK back
When looking at the log on my WL-500g I can see packets sent to the listening port that have been denied hence SYN-ACK are never sent back.
What is the reason for this?
Is the USB-FTP server behind the firewall?
If it is so, how the firewall is ruling its traffic?
PS1: Clients on the LAN have no problem with passive/active FTP, only clients in WAN have.
PS2: FTP-passive mode is used by clients/users in the WAN behind firewalls therefore it is needed to find the reason of this behaviour so users behind firewalls can reach the USB-FTP server.