You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/nat-gateway/troubleshoot-nat-connectivity.md
+4-5Lines changed: 4 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -142,20 +142,19 @@ What else to check for:
142
142
143
143
### Active FTP and NAT gateway
144
144
145
-
FTP uses two separate channels between a client and server, the command and data channels. Each of these channels communicate on separate TCP connections, one for sending the commands and the other for transferring data.
145
+
FTP uses two separate channels between a client and server, the command and data channels. Each channel communicates on separate TCP connections, one for sending the commands and the other for transferring data.
146
146
147
147
In active FTP mode, the client establishes the command channel and the server establishes the data channel.
148
148
149
-
NAT gateway does not work with active FTP mode when connecting to an FTP server over the internet. Active FTP uses a PORT command from the FTP client that tells the FTP server what IP address and port for the server to use on the data channel to connect back to the client. The PORT command uses the private address of the client, which cannot be changed. Client side traffic is SNATed by NAT gateway for internet-based communication so the PORT command is seen as invalid by the FTP server.
149
+
NAT gateway doesn't work with active FTP mode when connecting to an FTP server over the internet. Active FTP uses a PORT command from the FTP client that tells the FTP server what IP address and port for the server to use on the data channel to connect back to the client. The PORT command uses the private address of the client, which can't be changed. Client side traffic is SNATed by NAT gateway for internet-based communication so the PORT command is seen as invalid by the FTP server.
150
150
151
-
An alternative solution to active FTP mode when using NAT gateway to connect to an FTP server is to use passive FTP mode instead. However, in order to use NAT gateway in passive FTP mode, a couple [additional considerations](#passive-ftp-and-nat-gateway) must be made.
151
+
An alternative solution to active FTP mode when using NAT gateway to connect to an FTP server is to use passive FTP mode instead. However, in order to use NAT gateway in passive FTP mode, [some considerations](#passive-ftp-and-nat-gateway) must be made.
152
152
153
153
### Passive FTP and NAT gateway
154
154
155
155
In passive FTP mode, the client establishes connections on both the command and data channels. The client requests that the server start listening on a port rather than try to establish a connection back to the client.
156
-
Outbound Passive FTP may not work for NAT gateway with multiple public IP addresses, depending on your FTP server configuration.
157
156
158
-
When a NAT gateway with multiple public IP addresses sends traffic outbound, it randomly selects one of its public IP addresses for the source IP address. FTP may fail when data and control channels use different source IP addresses, depending on your FTP server configuration.
157
+
Outbound Passive FTP may not work for NAT gateway with multiple public IP addresses, depending on your FTP server configuration. When a NAT gateway with multiple public IP addresses sends traffic outbound, it randomly selects one of its public IP addresses for the source IP address. FTP may fail when data and control channels use different source IP addresses, depending on your FTP server configuration.
159
158
160
159
To prevent possible passive FTP connection failures, do the following steps:
0 commit comments