D-Link Forums
The Graveyard - Products No Longer Supported => D-Link Storage => DNS-321 => Topic started by: universal on February 22, 2009, 10:52:39 AM
-
I finally got my FTP site to work outside of my network with a little hair pulling but it only works using the anonymous account. None of the user accounts I set up work on the outside but only inside my network.
To get my FTP to work on the outside I pointed it to the IP address coming into my Verizon Fios router which my DNS-321 is attached to with an inside address of 192.168.1.5. Help please. Only having an anonymous account to work on the outside isn't very secure so any help would be appreciated.
-
Can you provide more detail please such as FTP port used and rules created in your router firewall.
-
Odd. When I set up my ftp, I was having problems allowing anonymous connections. I HAD to set up a username and password.
-
You can create an "anonymous" user - or rather a user called anonymous, which is actually a defacto standard.
When making your ftp server "publicly accessible" you need a login for security reasons - typically the public would have read only access - this of course creates a problem in that you now have to provide a "well known" user name and password, which would normally be "anonymous" as the user name, and your email address as the password (this is for logging purposes, not authentication - so anonymous ftp is not really anonymous)
If you create a user called anonymous on the DNS-32x with no password, it will work, but of course it will not prompt for a password and not log access.
-
Well basically on my router i kept the firewall settings at the lowest possible which is where they were to begin with. I then found the IP linked to my DNS-321 and made a public IP for it. (The option was there in the settings) So instead of pulling an outside IP adress out of my a$$ I used the IP adress that is coming into my router. (The ip that is shown when you go to www.whatismyip.com). It works now on the outside ;D. All that needs to be done is type ftp://71.***.***.** and thats it. now when doing it in a web browser you can see the volumes but then ask you for a username and password. None of the usernames or passwords I set up work except the anonymous which is the default account which I then had to give read write access so that i could even access it from the outside. Now inside my network my usernames and passwords work fine.
-
I'm not certain I understand what you did there - perhaps you have a router that I have never worked with - but, none of the routers I have worked with allow you to "make a public ip", consumer grade routers, which is what most consumers use, require you to forward a port, and you use whatever public ip your ISP assigns to you.
It may just be a matter of terminology - but - that's not what I wanted to address...
You have to create a user/password (Advanced - Users/Groups) and then, in the FTP Server page, select the user you created from the pulldown, select a folder, set the permissions and click add - the user details should then appear in the ftp access list.
If you create access rights for anonymous, then that is the only user that will be allowed access - and as I mentioned earlier, anonymous is actually a user name, and not a concept.
-
Ok let me try to clear this up some. My carrier is Verizon Fios and I have a Fios modem/router. In the router settings I went to port forwarding, added the DNS-321 local ip adress which is 192.168.1.5, then I set the protocol to FTP - TCP ANY---->21, then at the top there is a check box that when checked lets you specify a public ip adress. I then checked this box and put in the ip adress that is assigned to my router. I did this because previously when I tried just adding the FTP protocol it still would not work on the outside.
Now with the user accounts. I understand that the anonymous account is a user account like any other. And If Im reading this right then you are saying that even when I have other user accounts created with R/W access to the FTP and I have the anonymous account set with R/W access also then the others will not work or at least on the outside because they will locally.
***If you create access rights for anonymous, then that is the only user that will be allowed access - and as I mentioned earlier, anonymous is actually a user name, and not a concept.***
-
OK I disabled the anonymous account all together and when i got to work this morning I can seethat my other accounts work like a charm. Thanks allot ! ;)
If anyone needs help getting there ftp set up on the Internet let me know and I just mat be able to help. the port forwarding process is pretty simple.
-
If anyone needs help getting there ftp set up on the Internet let me know and I just mat be able to help. the port forwarding process is pretty simple.
You might find this hard to believe - it's usually not the port forwarding process that bites people, but the setup of the client side.
Have you tried to run the DNS-321's ftp server with a non-standard port (anything other than 21) yet?
-
Actually no I have not but I think that I should for security reasons.
-
When you do try it, let me know how it goes - ;) - getting it running on port 21 is not where the challenges lie, and yes, it can be done.