NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
FTPS access over WAN?
Setting up a FTP connection over WAN to a ReadyNAS device can be very tricky. After some time I found a solution and posted it here. But I have noticed that it's possible to login over FTPS locally, ...
ProFTPd debugging
http://www.proftpd.org/docs/howto/Debugging.html
TLS options
http://www.proftpd.org/docs/contrib/mod ... TLSOptions
Firewalls, Routers, and NAT
http://www.proftpd.org/docs/howto/NAT.html
http://www.proftpd.org/docs/howto/Debugging.html
TLS options
http://www.proftpd.org/docs/contrib/mod ... TLSOptions
Question: Using mod_tls, FTP sessions through my firewall now no longer work. What's going on?
Answer: The short answer is that FTPS and firewalls (and devices performing NAT) do not interact well. The control connection happens on a well-known port, and has no issues; it is the data connection that poses problems for FTP-aware firewalls. In a non-FTPS session, the firewall can inspect the FTP server's responses on the control connection to a client's PASV or PORT command, and thus know which on which ports/addresses the data connection will be established. In an FTPS session, though, those control connection messages are encrypted (that is the point of using FTPS, right?), and so the FTP-aware firewall cannot peek. Hence, it cannot know which on which ports the data connection will be established. For firewalls that are configured to always allow a certain range of ports (such as might be configured using the PassivePorts directive), FTPS should function without issue.
Firewalls, Routers, and NAT
http://www.proftpd.org/docs/howto/NAT.html
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
