I hope this is the correct newsgroup for this item. Please let me know if this should be posted elsewhere.
We have noticed that when using FTP over a VPN, PDAs send the wrong ip address for the data channel.
We are using an ISP to connect to the internet, at which point the ISP provides a public IP address. We then connect to an internal VPN and receive a private IP address. At this point I believe the client device would be aware of both ip addresses.
When using simple FTP client applications (CedeFTP, etc.) to connect to an FTP server inside the VPN, the PDA supplies the correct IP address (VPN private address) and sucessfully establishes a connection to the server. However, when the FTP client issues commannds that require a data port, the PDA sends the ISP public ip address in the PORT command. The server indentifies a change in the IP address and disallows the connection for the data channel.
Currently we are testing with only active mode. We have not focused our efforts on passive mode, as I believe that requires the opening of all ports greater then 1024. Additionally, we have an application which currently uses only active mode. Though we could change the application to use either mode, we would still have the issue of opening the additional ports.
Currently we are testing with the following:
- iPAQ 4700
- Movian VPN Client (end of life occurred Nov of last year)
- CedeFtp and ScottyFtp
We would greatly appreciate any advice on this issue.