access from lan ip via public ip
Moderator: Project members
access from lan ip via public ip
hello all! I am connected to the internet via a router with a public ip on the wan port.
how to make the server return the public ip when connecting from a private address from the provider's side, and return private ip when connecting frome my home network(192.168.3.1-254) in PASV relpy ?
how to make the server return the public ip when connecting from a private address from the provider's side, and return private ip when connecting frome my home network(192.168.3.1-254) in PASV relpy ?
Server feature request: passive mode setting, Use the default host from my lan only
hello all, to fix this situation without install two servers
Server feature request: passive mode setting, Use the default host from my lan only.
Server feature request: passive mode setting, Use the default host from my lan only.
Re: access from lan ip via public ip
You must simply activate the check on "Use the default host for local connections" in the Passive mode configuration page.
Re: Server feature request: passive mode setting, Use the default host from my lan only
Why? That couldn't possibly work.
Re: access from lan ip via public ip
if client from provider lan use private ip - server report my private ip for this client...
Re: Server feature request: passive mode setting, Use the default host from my lan only
if a client with a private ip connects from the provider side, and the use default host for local connection option is marked in the server, will your server return the public ip registered in it, or my private ip ?
Re: access from lan ip via public ip
You mean that other clients are connecting to the server from IPs in the 172.16.0.0/12 or 10.0.0.0/8 ranges and to those you want the give the server's public IP when they issue the PASV command?
If that is so, it's not currently possible.
If that is so, it's not currently possible.
Re: Server feature request: passive mode setting, Use the default host from my lan only
Clients connecting to the server's public IP address over the internet are always seen as coming from a public IP address. You cannot present such clients your private LAN IP address, as they are not within your local network, and private address ranges are not being routed over the internet.
Re: Server feature request: passive mode setting, Use the default host from my lan only
a small correction is needed to the "use default host for local connection" option, but what should I do with a local connection? all private ip, or selected ip range...?
Re: Server feature request: passive mode setting, Use the default host from my lan only
I understand that the problem is far-fetched (modern software will bypass it), but purely theoretically...
Re: Server feature request: passive mode setting, Use the default host from my lan only
Private is private, public is public. There is no distinction between different addresses or address ranges within the same address type.
127.0.0.0/8, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 and 169.254.0.0/16 are private address ranges. If "Use default host for local connection" is set, FileZilla Server automatically replies to the PASV command with the same IP address used by the FTP control connection. That is guaranteed to work, as the control connection was already being able to be established that same way.
It is only clients connecting from the Internet, and thus a public IP address, which need to be informed about the server's public IP address in the PASV reply. As this information is not available in the presence of NAT, this information has to be provided in the server configuration.
127.0.0.0/8, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 and 169.254.0.0/16 are private address ranges. If "Use default host for local connection" is set, FileZilla Server automatically replies to the PASV command with the same IP address used by the FTP control connection. That is guaranteed to work, as the control connection was already being able to be established that same way.
It is only clients connecting from the Internet, and thus a public IP address, which need to be informed about the server's public IP address in the PASV reply. As this information is not available in the presence of NAT, this information has to be provided in the server configuration.
Re: Server feature request: passive mode setting, Use the default host from my lan only
for me, everything behind the wan port is the Internet, and for the server there is a concept of private ip, and I would like all clients behind the wan port to receive a public ip in response to pasv, and my devices on the home network are the private address of the server
Re: Server feature request: passive mode setting, Use the default host from my lan only
option : to shield only my subnet with local connections will not hurt anyone, and will help many, imho
Re: Server feature request: passive mode setting, Use the default host from my lan only
Clients coming from the public net don't have a private IP. Private IPs are invalid on the Internet, as they are not unique and thus not routed.
Note that in case of double-NAT (CGN, Carrier Grade NAT), running servers is impossible.
Note that in case of double-NAT (CGN, Carrier Grade NAT), running servers is impossible.
No support requests over PM! You will NOT get any reply!!!
FTP connection problems? Please read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
FileZilla Pro support: https://customerforum.fileZilla-project.org
FTP connection problems? Please read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
FileZilla Pro support: https://customerforum.fileZilla-project.org
Re: Server feature request: passive mode setting, Use the default host from my lan only
"To shield"? Please repeat after me: A NAT is not a firewall. Write that a hundred times.option : to shield only my subnet with local connections
Double-nat, aka NAT-in-NAT, is an abomination, it must not ever be used. At least thanks to IPv6, these days there's zero reason to ever use NAT. Use IPv6 if you can, it is your friend.Note that in case of double-NAT (CGN, Carrier Grade NAT), running servers is impossible.