Hi all!
FTP Data connection type can use PORT mode or PASV mode
the first mode client open a port wait connected and send "PORT" command to
server tell it's IP address and port. If client connect through gateway then
server cann't find client use this IP address and port to transfer data.
You probably should use PASV and provide it as an option.
In some proxy/firewall configurations, the client does not have a REAL IP
address on the Internet because it's only in a local network. The IP
address (the unique Identifier, does not make any sense on the Internet).
It makes sense on the local network only. The IP address the client in the
Internal network has would probably be something like 10.xx.xx.xx,
192.128.xxx.xxx or a few other things. Those are designated for local
networks to prevent packets from leaking and routers on the Internet know
to drop those local packets so your firewall might not even see those
packets. This is in addition to the fact that some firewalls, by their
nature will NOT permit a computer outside a network from connecting to a
computer inside your network (and that's what happens in a PORT transfer).
FTP is really not firewall/proxy friendly and some proxy configurations can
only work transparently because in these configurations, the firewall/proxy
has some smarts about the FTP protocol and will do some special fix-ups
with PORT so it can work.
A few firewall proxy configurations may include a specialized FTP proxy and
you usually can do some special things for those. Contract your
administrator or read the firewall/proxy manual.
Indy does have quite a bit of information about some firewall/proxy
configurations.
HTH.
--
J. Peter Mugaas - Indy Pit Crew
Internet Direct (Indy) Website -
http://www.nevrona.com/Indy
Personal Home Page -
http://www.wvnet.edu/~oma00215
If I want to do business with you, I will contact you. Otherwise, do not
contact me.
