|
If you use PASV mode - you don't have to open inbound ports in your firewall. In PASV mode, the server makes the connection outwards towards the PC that initiated the FTP connection. Its a great way of getting around the problems with a NAT/PAT firewall/router.
So you don't have modify the port range in the server, And you don't have to open ports on the firewall, either a external firewall or the firewall software in the BlueOnyx server. As long as your external firewall forward in TCP port 21 to the BlueOnyx server - PASV FTP connections should work. Give it a try. Turn on FTP and try a PASV mode connect from outside your network. Chuck ---------- Original Message ----------- From: Philip Hamer <[email protected]> To: "[email protected]" <[email protected]> Sent: Mon, 12 Jan 2015 18:03:16 +0000 Subject: [BlueOnyx:16847] Secure FTP Ports > Hi. > > Tracked down PASV mode in proftpd.conf. > > There is a massive range of ports. If I narrow this down to say 10, then open my external firewall to that port range, then port forward to my BO server this could work. > > I guess I'll have to open the firewall on the BO box as well. > > Any suggestions if this is safe / recommended? > FTP is hardly ever used, we are CMS based now on most sites, a few friends host a website on the BO box so maybe three of them use FTP anyway. No need for massive connections or throughout. > > I should have migrated from the old Zywall kit over to PFsense within a couple of weeks, although reading some posts on FTPS with PFsense this can be problematic. > > Thanks guys, any help is much appreciated. > > Sent from my iPhone > > > On 12 Jan 2015, at 17:00, [email protected] wrote: > > > > Secure FTP Ports > > _______________________________________________ > Blueonyx mailing list > [email protected] > http://mail.blueonyx.it/mailman/listinfo/blueonyx ------- End of Original Message ------- |
_______________________________________________ Blueonyx mailing list [email protected] http://mail.blueonyx.it/mailman/listinfo/blueonyx
