FTP on pfsense FWA-3045
Hello, I am a new comer in the pfsense world and I am still discovering the Equipment.
I set a fwa3045 up into my network, internet access works fine but we cannot scan to FTP.
With the previous router, we were able to use the scan to FTP onto the MFP. It seems a rules or an option is blocking the communication between the MFP and the distant FTP server.
Is there an option to activate/desactived ? how to configure the router to allow the inbound/outbound FTP trafic ? Thanks in advance
johnpoz LAYER 8 Global Moderator last edited by johnpoz
Is this passive or active ftp, is it ftps or ftpes? etc..
Out of the box passive ftp to outbound sources would not be blocked, since pfsense allows any any outbound out of the box.
Outbound to active would require install and setup of the active ftp package.
Inbound to active would require port forward of 21 and no allow for the outbound - ie out of the box config.
Inbound to passive server behind pfsense would require port forward of 21 (control) and the passive ports that the server is going to use, and also make sure that the client converts the rfc1918 server would give out, or the server gives out your actual public IP, etc.
If your using ftps where the control channel in encrypted your outbound active is going to fail since the package will not be able to see the data port in the control channel. And your port forwards would change if you using encrypted control channel for ports as well.
Understanding how the protocol actually works is step 1..
Thanks a lot johnpoz, after reading the very good link you posted, I understood how works the FTP, so finally, no need to modify rules on my firewall. I just modify the mode Active/passive on to my MFP. Thank you so much
Thanks a lot johnpoz, after reading the very good link you posted I understood how works the FTP, so finally, no need to modify rules on my firewall. I just modify the mode Active/passive on to my MFP. Thank you so much