I'm having a problem with ftp getting through the firewall from a Windows-based system.
My server is an HP DL380 running CentOS 7 and vsftpd. vsftpd is set to run passive mode by default and is set to use ports 10100 to 10199 as the random port range. The router is a Linksys E4200V2. I've opened ports 20, 21, 10100 to 10199 (along with a bunch of others - mail, ssh, http/s, etc.). All the other ports work fine, but I can't get ftp to work - it doesn't appear that any ftp traffic is getting through to the server and the client fails with a "no response from server" error.
I had seen another message that indicated installing kmod-nf-nathelper would work, but that package doesn't appear in either the list of available or installed packages.
Another message indicated that nf-conntrack-ftp used to be installed but was no longer included in the most recent kernel versions.
I want to forward packets to various machines behind the router depending on the port number, but the majority (including the ftp traffic) would be going to the DL380 which has its own firewall running. Is it possible to set the specified ports to route to the appropriate machine and then as the last rule forward all packets to the DL380 and let that machine's firewall take care of the rest? Would this solve my ftp problem, and would it open me up to other security risks (other than the ones inherent in having the DL380 exposed to the world)?
Thanks in advance.