FTP and one leg setup - why not working
Hi, I tried to do setup like that: VS in 192.168.1.1/24 network with IP 192.168.1.100 SNAT assigned 192.168.1.200 FTP server IP 192.168.1.110 Flow is then: C -> 192.168.1.100:21 <-> 192.168.1.200:high_port -> 192.168.1.110:21 Client connecting either passive or active is always refused, based on trace: Passive - client attempt to connect to VS 192.168.1.100: to create data connection - VS is almost immediately sending RST to SYN packet. Backend server is reporting 425 Can't open data connection for transfer of "/" Active - as soon as backend server tries to create connection from port 20 to port passed by BIG-IP in PORT command BIG-IP is not responding to SYN, after 2 repeated SYN BIG-IP is sending RST-ACK, and backend server is again sending 425 Can't open data connection for transfer of "/" over control connection Same VS when accessed from another VLAN is working without issue in both Passive and Active mode. Tested on both v11.2.0HF7 and 13.0.0HF2. Am I missing something important that prevents FTP in one leg configuration? Piotr