On 10/11/04(22:49) you "Deffranne Laurent (DBB)" <firstname.lastname@example.org>
|I am looking to set up a Delegate Proxy on a internal server behind a Firewall & NAT box.
|Here is my network configuration :
|Firewall external IP : 220.127.116.11
|Delegate Server internal IP : 172.16.0.1
|The firewall will transmit all incoming connections to the Internal server without problems.
|The problem is that delegate delegate is now responding with "227 Entering Passive Mode (172.16.0.1,128,66)."
|on the FTP PASV requests coming from internet.
|So the internet clients try to connect to the internal adress, without success of course.
|How can I configure Delegates in such a way that it returns the IP adress 18.104.22.168 on every FTP PASV answer ?
|I have read about the "SRCIF" parameter, but i am unable to find the rights parameters to use in this case.
I think the following parameter will do it:
Or if your server is to be accessed without the NAT from internal clients
(on .localnet), such clients should be excluded from the mapping like this:
Reading your question, I thought it should be done with "ftp-data-pasv",
but it does not work because it tries to bind a socket to the specified,
non-local interface, and fails. Then I'm reminded with "tcpbound".
I'm not so sure but this is the reason why I introduced "tcpbound" in
DeleGate/8.5.6 (and I noticed "tcpbound" is not expressed in Manual.htm...)
8.5.6 030628 inets.c: introduced SRCIF=tcpbound for FTP PASV (on SSL) behind NAT
D G Yutaka Sato <email@example.com> http://delegate.org/y.sato/
( - ) National Institute of Advanced Industrial Science and Technology
_< >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller