- Posts: 1
- Thank you received: 0
IPCOP SQUID FTP ISSUE
14 years 5 months ago #32730
by subarusyd
IPCOP SQUID FTP ISSUE was created by subarusyd
Hi Gurus,
I need some help!. Please Help Me!!. Many thanks in advance to those gurus out there who can please spare some time and brain cell energy to my desperate plea.
The issue is:
The clients inside our network is trying to access the external FTP site outside. The browsers are configured to point to squid proxy address port 3128. The user is able to browse through the FTP site and connect to it through the squid proxy may itbe through Firefox or IE. The problem is that the users even though can connect to that external FTP site cannot upload documents to it though they can access it. Squid is running on another server and i doubt its configured as transparent as I could not find any configured httpd_accel_ commands associated with making squid transparent. Squid by default does not support FTP services through FTP clients as per internet research. When i use any FTP clients such as FILEZILLA OR TOTAL COMMANDER, it just times out says "network Unreachable". I have tried with all the FTP clients and every connection method in them. It just times out. The only FTP client TOTAL COMMANDER WAS able to reach and authenticate to that external FTP site but it fails on uploads or copy to and from the FTP server using the option :" HTTP PROXY OVER FTP" on PUT method. I have changed the squid.conf file to the following commands:
ftp_passive on
acl ftp_server dst <ip address of xternal FTP IP>
always_direct allow ftp_server
acl FTP proto FTP
http_access allow FTP
acl allow_ftp port 21
http_access allow allow_ftp
acl FTP proto FTP
always_direct allow FTP
I think i have to install FTP proxy called FROX is there any easy link for comprehensive screenshot documentation that might help me on this issue?.
It still does not work. I have attached Filezilla screenshot.
The same thing happens to user who has a Windows small business server 2003 setup at his practice in remote location that allows him to remote desktop to his work computer through the website 218.xxx.xx.xxx . He is able to successfully access his desktop offsite, but is receiving the error "The client could not connect to the remote computer" onsite.the connection times out. the firewall blocks it. i did a netstat -a and this ip address is listening syn_sent on 4125 port but the client pc is having a different port everytime he connects from portrange 1024-65535 as the system assigns it. i need to let the ipcop firewall let in this ip address through port 4125. i am not sure should i put it in iptables or not. i did port forward and external access. still does the same thing. i followed documentation of ip cop to do port forwarding.
My main target is to:
1. ALLOW FTP CLIENTS TO ACCESS EXTERNAL FTP SITEs mainly the one specified above.
2. Allow the specific IP address to be able to access the internal clients accessing it. i.e allow 218.xxx.xx.xxx inside of the network.
Thanks
Michael
I need some help!. Please Help Me!!. Many thanks in advance to those gurus out there who can please spare some time and brain cell energy to my desperate plea.
The issue is:
The clients inside our network is trying to access the external FTP site outside. The browsers are configured to point to squid proxy address port 3128. The user is able to browse through the FTP site and connect to it through the squid proxy may itbe through Firefox or IE. The problem is that the users even though can connect to that external FTP site cannot upload documents to it though they can access it. Squid is running on another server and i doubt its configured as transparent as I could not find any configured httpd_accel_ commands associated with making squid transparent. Squid by default does not support FTP services through FTP clients as per internet research. When i use any FTP clients such as FILEZILLA OR TOTAL COMMANDER, it just times out says "network Unreachable". I have tried with all the FTP clients and every connection method in them. It just times out. The only FTP client TOTAL COMMANDER WAS able to reach and authenticate to that external FTP site but it fails on uploads or copy to and from the FTP server using the option :" HTTP PROXY OVER FTP" on PUT method. I have changed the squid.conf file to the following commands:
ftp_passive on
acl ftp_server dst <ip address of xternal FTP IP>
always_direct allow ftp_server
acl FTP proto FTP
http_access allow FTP
acl allow_ftp port 21
http_access allow allow_ftp
acl FTP proto FTP
always_direct allow FTP
I think i have to install FTP proxy called FROX is there any easy link for comprehensive screenshot documentation that might help me on this issue?.
It still does not work. I have attached Filezilla screenshot.
The same thing happens to user who has a Windows small business server 2003 setup at his practice in remote location that allows him to remote desktop to his work computer through the website 218.xxx.xx.xxx . He is able to successfully access his desktop offsite, but is receiving the error "The client could not connect to the remote computer" onsite.the connection times out. the firewall blocks it. i did a netstat -a and this ip address is listening syn_sent on 4125 port but the client pc is having a different port everytime he connects from portrange 1024-65535 as the system assigns it. i need to let the ipcop firewall let in this ip address through port 4125. i am not sure should i put it in iptables or not. i did port forward and external access. still does the same thing. i followed documentation of ip cop to do port forwarding.
My main target is to:
1. ALLOW FTP CLIENTS TO ACCESS EXTERNAL FTP SITEs mainly the one specified above.
2. Allow the specific IP address to be able to access the internal clients accessing it. i.e allow 218.xxx.xx.xxx inside of the network.
Thanks
Michael
Time to create page: 0.136 seconds