configure PfSense ftp
-
Hello. How to configure an exit from the local network (client) to an ftp server on the Internet on PfSense?
-
@tafovizo said in configure PfSense ftp:
Hello. How to configure an exit from the local network (client) to an ftp server on the Internet on PfSense?
The default LAN rule handles outgoing FTP just fine, that is a device on LAN using and FTP client, accessing a FTP server on the net.
Edit : that is, most FTP servers are hosted on the Internet using a NON RFC1918 IP, and the visiting clients are mostly behind a router like pfSense.
Read something like https://www.deskshare.com/resources/articles/ftp-how-to.aspx why you really want to ditch FTP where it belong : the national museum of ancient technologies. -
What are you using for a FTP client? FTP has a problem with NAT in active mode. Some clients might still use active mode, which will fail with NAT. Browsers use passive mode, which works fine with NAT.
-
Yes, if the server is using active mode or your outbound rules are only passing port 21, blocking the passive mode data ports, then you need the ftp client proxy.
https://docs.netgate.com/pfsense/en/latest/nat/ftp-without-a-proxy.html#client-behind-pfsense
Steve
-
@Gertjan said in configure PfSense ftp:
@tafovizo said in configure PfSense ftp:
Hello. How to configure an exit from the local network (client) to an ftp server on the Internet on PfSense?
The default LAN rule handles outgoing FTP just fine, that is a device on LAN using and FTP client, accessing a FTP server on the net.
Edit : that is, most FTP servers are hosted on the Internet using a NON RFC1918 IP, and the visiting clients are mostly behind a router like pfSense.
Read something like https://www.deskshare.com/resources/articles/ftp-how-to.aspx why you really want to ditch FTP where it belong : the national museum of ancient technologies.Thank you ;)
