NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Help with RAX20 and port forwarding FTP
I just got this router today and have it setup through a Xfinity Gateway in bridged mode. Previous to this on the Gateway, I was able to port forward my Raspberry PI FTP server (port 21) and access i...
There is only one port 21/TCP ... if the router is configured on ReadyShare to FTP, port 21/TCP is obviously already occupied. Disable the FTP service on the advanced ReadyShare settings.
I would expect that this does free up port 21/TCP on the WAN interface to become available for the port forwarding. Netgear has an old flaw on port 443 (the default https one) - even with the https remote access service and https ReadyShare disabled or relocated to an alternate port, the port 443/TCP isn't becoming available for port forwarding.
Something general ref. ftp: These routers (including your previous one) have an application layer gateway (ALG) listening on the standard ports, e.g. 21/TCP for FTP on the handshake communication for the passive connection, dynamically adding a port forward to that port. If using FTPS (encryption) the ALG can't work so you need to configure the passive port range configured on the ftp server in a port forward range.
Thank you.I was able to get it sorted out with what you mentionted.
kawivukan wrote:Thank you.I was able to get it sorted out with what you mentionted.
Disabled the FTP on the ReadyShare was sufficient?
Time permitting, if you have the ability to set-up a test e.g. a https on the RasPi (or any other service operating on 443/TCP like telnet for a test), I would like to learn if if the RAX, e.g. your RAX20 does still reserve 443/TCP internally, or of 443/TCP is freely available (if removed from ReadyShare and the remote access). Following the test, do't forget to disable the test service or it's port forward again.
TIA,
-Kurt
I posted a reply but it didn't show up for some reason. I'll try again later because it was limiting my message replys for 60 minutes or something.
I had gotten a little ahead of myself thinking I fixed it but was able to sort the rest out and it works now. I do have limited networking knowledge and it just seemed a lot easier to setup with the Xfinity gateway. A lot of it was my fault as I had the port range setup from ’20/21’ instead of the ‘21/22’. (Port 21 still refuses to connect but SFTP Port 22 (FTP over SSH?) works just fine) That and I needed to setup a Static IP on my Raspberry PI. (I didn’t with the Xfinity Gateway and not exactly sure why it worked fine on that) Connecting locally to SFTP first worked and once I fixed the rest of my mistakes, I had no problem connecting remotely.
Yes, I did have to go in the Router settings / Advanced / Ready Share Storage, to disable the ‘FTP’ & ‘FTP (via internet) In order for it to work. I am still unsure of how to connect to port 21/FTP but that is fine as long as it just works with how it's setup now. I will have to read up on how to setup 443/TCP as I don't think I have ever used that before currently with my Raspberry PI. Once I get that figured out, I'll let you know If I'm able to get that working. I do appreciate the help though. It will be nice to know if I ever run into this again. Thanks