On Thu, May 01, 2003 at 12:03:04PM -0600, hpinson@indepthl.com wrote:
Hi. An increasing number of our associates are experiencing NAT related FTP issues with Zope.
Did you ever get any responses to this? or find a solution? I'm finding that I need ftp access to a zope server I work on and I need to do it via ssh tunneling, and I can't get it to work. Based on your message I wonder if it's because I'm connecting to a NATted IP. what were the problems you had? you never really said. I find that I can make a connection but "ls" either gives connection refused or never returns. In the examples below, I use 99.99.99.99 and 88.88.88.88 as stand-ins for the actual IPs i'm using. First I try a server that I access via a NATted address. I have this in my ~/.ssh/config (with the real remote IP of course): Host 88.88.88.88 LocalForward 18021 localhost:8021 now i can make an ftp connection to localhost on 18021: $ ftp -p localhost 18021 Connected to localhost. 220 dev-zope-knox01 FTP server (Medusa Async V1.21 [experimental]) ready. 500 'AUTH': command not understood. SSL not available 331 Password required. 230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp> user (username) paulw 331 Password required. Password: 230 Login successful. ftp> ls 227 Entering Passive Mode (127,0,0,1,178,158) ftp: connect: Connection refused ftp> Two odd things there: 1) Why do I get a "Login successful" before I've provided a username? 2) Why do I get "Connection refused" when doing an ls? OK, so I try another system. This one uses a non-NATted IP. In this case I get prompted for username right away, but ls never returns. First I set up the tunnel: ssh -L 18021:99.99.99.99:8721 99.99.99.99 $ ftp -p localhost 18021 Connected to localhost (127.0.0.1). 220 prod-realserver-knox01 FTP server (Medusa Async V1.21 [experimental]) ready. Name (localhost:pwinkler): paulw 331 Password required. Password: 230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp> ls 227 Entering Passive Mode (99,99,99,99,165,173) ftp: connect: Connection timed out ftp> -- Paul Winkler home: http://www.slinkp.com "Muppet Labs, where the future is made - today!"