Hi, I've several oS10.2 boxes running pure-ftpd. they're sat behind a firewall that only allows access to the FTP service from certain IP addresses. What I'm hoping to achieve is to create a bastion host box that allows SSH connections from anywhere, I can then create users on that box who'll be able to create an SSH tunnel to the FTP machines. So ssh -L 21:FTP-Machine:21 user@bastion to create the tunnel. then ftp to localhost should connect you. I've read several how-to's which suggest the above will work fine, and although I can connect I can't actually do anything. ayane:/etc/ssh # ftp localhost Trying 127.0.0.1... Connected to localhost. 220-Welcome to Pure-FTPd. 220-You are user number 1 of 10 allowed. 220-This is a private system - No anonymous login Name (localhost:root): matts 331 User matts OK. Password required Password: 230-User matts has group access to: users 230-This server supports FXP transfers 230 OK. Current restricted directory is / Remote system type is UNIX. Using binary mode to transfer files. ftp> ls 229 Extended Passive mode OK (|||43818|) 425 Can't create the data socket: Invalid argument 200-FXP transfer: from xxx.xxx.xxx.xxx to 127.0.0.1 200 PORT command successful 425 Could not open data connection to port 11573: Connection refused ftp> I can't use sftp or something else due to the specific ftp client my users have, I can't alter the FW to allow access from my users IP's as they're on dynamic connections. Can someone suggest a way forward, would be quite useful to get this working. Matthew -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org