I have changed server at home, and suddenly something's wrong. My setup is one server with a VM running M0n0wall generic pc and four network ports. One for DSL to M0n0wall, one for M0n0wall out with a short cable to Server Internet in, and the fourth for the LAN. So there are two network ports that are dedicated for M0n0wall. It's almost identical to the previous setup, only difference is that I have other NICs (two on the motherboard and two on a PCI-E card).
I have a subnet 192.168.1 from M0n0wall to the server, and 192.168.0 on the LAN. The server has the address 192.168.1.4, and I have another VM running downloads that is 192.168.1.5, using VMware's bridge protocol.
But with this new setup I can't access my FTP server from WAN. I can get to it if I use the VM 192.168.1.5. And even more weird: I can't get to any external FTPs from the 192.168.1.5! Other communication doesn't seem to be affected. None of these problems were there before. And nothing has changed on my Internet connection. I tried to open all ports (and quite soon saw port scanners, so I didn't keep it open for long!), but I still could not get to my FTP server from outside or get out to any FTP server from the .5 VM. I checked the Firewall log, and I found this, which had a red x, presumably blocked:
Act Time If Source Destination Proto
23:22:58.027632 LAN 192.168.1.5, port 2325 xxx.xxx.xxx.xxx, port 21 TCP
23:22:58.020062 LAN 192.168.1.5, port 2325 xxx.xxx.xxx.xxx, port 21 TCP
The X's are hiding the IP address for my company's FTP server, which is totally accessible from the server 192.168.1.4, but not from the .5 VM.
Also, when I tried to access my FTP from outside, I have this in the FileZilla client:
Status: Connecting to myftp.org ...
Status: Connected with myftp.org. Waiting for welcome message...
(Of course it's not myftp.org, but you get the meaning). But nothing more happens. It only says "Disconnected from server", and it starts again. In M0n0wall I see:
Act Time If Source Destination Proto
23:27:48.524355 LAN 192.168.1.4, port 63239 yy.yy.yyy.yy, port 54352 TCP
23:31:00.892046 LAN 192.168.1.4, port 63276 yy.yy.yyy.yy, port 54319 TCP
23:30:39.673524 LAN 192.168.1.4, port 63275 yy.yy.yyy.yy, port 54324 TCP
23:29:56.912677 LAN 192.168.1.4, port 63273 yy.yy.yyy.yy, port 54332 TCP
23:29:35.644413 LAN 192.168.1.4, port 63270 yy.yy.yyy.yy, port 54336 TCP
23:28:52.941180 LAN 192.168.1.4, port 63259 yy.yy.yyy.yy, port 54342 TCP
The y's are hiding the IP address to my cabin, which I use for tests from outside. So it seems like the "callback" from the FTP Server to the client is blocked.
Can anybody please tell me what's going on here? I'm totally lost...