Unsolved
This post is more than 5 years old
7 Posts
0
14619
March 10th, 2004 21:00
Help! Setting up an FTP service behind an ISPs firewall
Hi,
Im trying to set up an FTP to transfer pictures to family and friends. I am running through a Dlink wireless router and I have it set to forward all incoming port 21 requests to my machine (192.168.x.x) with the FTP service running. I tried having others connect to my FTP server with the IP address reported on the WAN side of my router with no luck. But if *I* type in the wan address into any comuter on my network the FTP will load up fine. The WAN IP being reported is 172.17.x.x which I think is a private IP assigned by a cisco router?? Is there any chance of me setting up an FTP behind these two routers? The way I see it, if internet traffic can find its way to me, why not FTP traffic?
Thank you
jmwills
2 Intern
•
12K Posts
0
March 11th, 2004 01:00
Smothedoutslapp
7 Posts
0
March 11th, 2004 02:00
jmwills
2 Intern
•
12K Posts
0
March 11th, 2004 10:00
Please explain. I have never heard of that situation. You have to be directly exposed to the Internet or you would have no access. I would think it would be impossible for your ISP to tie all their clients to a Proxy Server whihc is what you are describing.
You have an IP Address that is directly exposed to the internet. Now we need to figure out exactly what type of connection you have, static or dynamic.
Smothedoutslapp
7 Posts
0
March 11th, 2004 11:00
Yes, Ive never seen anything like this either. Let me explain in a bit more detail.
Internet > ISP Router > My Router > My Machine
My router assigns me a static IP address of 192.168.0.101. My router is assigned a static IP address of 172.17.0.177 on the WAN side. However, when I check my IP on various internet sites its a completely different number... something like 216.111.x.x. I can still use many other applications which require port openings (such as AIM file transfer), I just DONT understand how the traffic is getting to me. I think this may have something to do with subnetting? My subnet is 255.255.255.0 while the subnet assigned to the wan side of my router is 255.255.0.0. could this have something to do with it? I tried setting up my router to assign IPs on the 255.255.0.0 subnet but that didnt change anything. I dont know if this post made sence, I am very confused about how this whole thing works and Id consider myself somewhat knowledgable about this stuff.
Oh one more thing I should mention. Typing in the ftp://172.17.0.177 on any computer on my network will bring will bring up my FTP server! so I know MY router is configured okay. But no one on the outside can use this address to get to it. This is obvious to me now as the 172 address is an intranet address assigned my ISP. My ISP uses a T3 line that directly connects to me through an ethernet network at an apartment complex
jmwills
2 Intern
•
12K Posts
0
March 11th, 2004 23:00
Now I see the problem, if I had read the entire post, yes indeed you are being subnetted at the apartment hub and that segment is further being subnetted to each of the clients, you.
There is no way I know (other than bribing someone) to opne Port 21 on the apartment router so that it could then be forwarded to you. The 172 address is not an intranet but rather a subnet .
I do the same thing with my wireless connection. I have an Access Point inside a hard wired LAN and that AP is on it's subnet and you have the same thing going on with your connection. So you connection looks somethign like this:
Internet>ISP>Building Router>Your Router>Your Client Machine Feel secure with that connection becasuse there are two firewalls between your machine and the internet. I do not see a way around this. Maybe someone else will chime in.
Smothedoutslapp
7 Posts
0
March 12th, 2004 00:00
Thanks for your input! Again though, I believe there is a way around this since other ports can be opened and accessed by outside users through other applications (ie AIM fileshare).
jmwills
2 Intern
•
12K Posts
0
March 12th, 2004 09:00
Smothedoutslapp
7 Posts
0
March 12th, 2004 11:00
If you look at how kazza works, you connect to who ever has a file your looking for on a seemingly random port. Even if my ISP blocks ftp on port 21 I should be able to run a server on a different port. Lets assume I know that port 2021 is open on my ISP router and is fowarded to my machine from my router. What would someone who wants to access my FTP (on port 2021) type into their client? How would they specify that they want to access my subnet? Typing the public IP address of the ISP router followed by a colon and 2021 would not work because how would the isp router know that the traffic is bound for my machine?
jmwills
2 Intern
•
12K Posts
0
March 12th, 2004 14:00
What you are forgetting is that you are trying to pass thru TWO IP Addresses, not just one, and KaZaa uses Peer to Peer and not FTP. There is a way to do what you want to do but I'm not going to post it here because it is illegal.
Have you thought about calling your ISP and asking them if you could run a game server on you LAN and if so, then just FTP to that port instead of 21.
Smothedoutslapp
7 Posts
0
March 12th, 2004 15:00
My isps mentallity is that its "your connection, do what you want with it but dont expect us to change anything on our side". Basically they say you can run a webserver, ftp or whatever else so long as you can figure out HOW to do it.
I wish I could find some program that would help me do this, even if its a peer to peer program. The sole purpose of this FTP was to share photos with family and friends. If i could find some equivalent program that could do the same thing that would suffice.
I cant find anything on the internet, tutorials and such, that show how to connect to a computer on a subnet. I would have thought this would be a common issue since many coporate networks are subnetted many times. I would just go for another isp but this one is very cheap and very fast... oh well
jmwills
2 Intern
•
12K Posts
0
March 12th, 2004 15:00
Smothedoutslapp
7 Posts
0
March 12th, 2004 18:00