Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Internal FTP Client to outside FTP Server?

    Scheduled Pinned Locked Moved
    General pfSense Questions
    ftp client openvpn pfsense
    3
    5
    586
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      sweeperq
      last edited by

      We replaced a Ubiquiti USG Pro 4 with a new Netgate X-1537 with PFSense+ yesterday. Everything seems to be working well, except a couple of batch jobs and custom programs that use FTP to transfer files to servers outside of the network.

      The batch jobs are a decade old and utilize VBScript and ftp.exe, and the custom programs are based on .Net and likely use ftp.exe under the hood. When they attempt to transfer files they get the following error:

      The remote server returned an error: (501) Syntax error in parameters or arguments

      Looking at the FTP server logs, this error appears to be thrown on the PORT command.

      We installed the FTP Client Proxy and set it up for the LAN interface. That appears to have worked around the issue for our office employees.

      However, we have several folks working remotely, utilizing OpenVPN to connect to the office. We cannot find a way to get the FTP Client Proxy to work for those users. Tried adding the WAN interface to the proxy (since OpenVPN comes through WAN), but that didn't work.

      Is there a known way to get it working for remove VPN users?

      johnpozJ 1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator @sweeperq
        last edited by johnpoz

        @sweeperq old ftp.exe from windows only support active ftp.

        You would need to install the FTP_Client_Proxy package and set it up to be able to do active ftp to servers out on the public internet.

        The openvpn users would be coming in via a tunnel network.. Prob is there is prob no interface setup to be able to setup the proxy package with?

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.7.2, 24.03

        S 1 Reply Last reply Reply Quote 0
        • S
          sweeperq @johnpoz
          last edited by

          @johnpoz Correct, I have the FTP Client Proxy installed and it is working on LAN, but no OpenVPN interface to bind to.

          Never really thought much about FTP being a security risk since we don't really move sensitive information around that way... Just product photos and csv feeds.

          1 Reply Last reply Reply Quote 0
          • jimpJ jimp moved this topic from Problems Installing or Upgrading pfSense Software on
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            Assign the OpenVPN server interface and you can use the FTP proxy on it.

            Be aware you will need to restart the OpenVPN server after doing that, it will not accept connections until you do, so all clients will be disconnected.

            Steve

            S 1 Reply Last reply Reply Quote 1
            • S
              sweeperq @stephenw10
              last edited by

              @stephenw10 I didn't realize that I was able to create an interface for VPN. I did that (and it booted the remote users, lol), and was able to configure the FTP Proxy Client plugin to work with it. Thank you for your help!

              1 Reply Last reply Reply Quote 1
              • First post
                Last post