[rbak-nsp] Problem with FTP connection

Mon Sep 18 08:39:39 EDT 2017

Hi ,  i need some help. We have issue with FTP connection. One of ower 
client try to connect to FTP serwer but becouse we have range pool every 
connection has different source. For ex auth has not the same src 
address then file download. Can you check my config ? :

[NOWODWORSKA]Dareek#show configuration
Building configuration...

Current configuration:
!
context NOWODWORSKA
!
  no ip domain-lookup
!
* ip nat pool Pool-1 napt multibind**
**  address 185.78.134.1 to 185.78.134.254**
**   exclude well-known*
!
  nat policy NAT
! Default class
   ignore
   inbound-refresh udp
   icmp-notification
! Named classes
   access-group CLASS
    class NAT
     pool Pool-1 NOWODWORSKA
     endpoint-independent filtering udp
     inbound-refresh udp
     icmp-notification
    class NoNAT
     ignore
     inbound-refresh udp
     icmp-notification
!
  interface BRAMA-NOWODWORSKA multibind
   ip address 80.238.125.1/24
   dhcp server interface
!
  interface BRAMA-NOWODWORSKA-2 multibind
   ip address 93.174.26.1/24
   ip address 10.4.0.1/24 secondary tag 10
   dhcp server interface
!
  interface Klienci-NAT multibind
   ip address 10.100.0.1/16
   dhcp server interface
!
  interface To-Cisco-Pol
   ip address 10.29.0.1/30
  no logging console
  logging syslog 10.1.10.15 facility local7
!
  policy access-list CLASS
   seq 10 permit ip 10.100.0.0 0.0.255.255 host 80.238.109.12 class NoNAT
   seq 11 permit ip 10.100.0.0 0.0.255.255 host 80.238.109.11 class NoNAT
   seq 100 permit ip 10.100.0.0 0.0.255.255 class NAT
!
  aaa authentication administrator local
  aaa authentication administrator maximum sessions 1
  aaa authentication subscriber radius
  radius coa server 10.3.14.24 encrypted-key XXX port 3799
!
  radius server 10.3.14.24 encrypted-key XXX
!
  subscriber default
    dhcp max-addrs 1
!
  ip route 0.0.0.0/0 context BGP
  ip route 10.1.10.15/32 10.29.0.2
  ip route 10.3.14.24/32 10.29.0.2
  ip route 10.3.14.110/32 10.29.0.2
  ip route 80.238.109.11/32 10.29.0.2
  ip route 80.238.109.12/32 10.29.0.2
  ip route 80.238.113.178/32 10.29.0.2
!
  dhcp server policy
    subnet 10.4.0.0/24
      range 10.4.0.2 10.4.0.244
      option router 10.4.0.1
      default-lease-time 900
    subnet 10.100.0.0/16
      range 10.100.0.2 10.100.255.254
      option router 10.100.0.1
      option domain-name-server 80.238.109.12 80.238.109.11
      default-lease-time 900
    subnet 80.238.125.0/24
      range 80.238.125.2 80.238.125.254
      option router 80.238.125.1
      option domain-name-server 8.8.8.8
      default-lease-time 900
    subnet 93.174.26.0/24
      range 93.174.26.2 93.174.26.254
      option router 93.174.26.1
      option domain-name-server 8.8.8.8
      default-lease-time 900
!
  flow collector rflow
   ip-address 10.3.14.110
   port 9800
   export-version v5
   transport-protocol udp
   ip profile FLOW
!
!
!
end

-- 

Michał Przywuski
Administrator sieci.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/redback-nsp/attachments/20170918/96365285/attachment.html>