• hi all.

    was wondering if anyone could help.I am a noob when it comes to this stuff.

    we've installed PFsense and our network is as follows :
            router - Pfsense - Domain controller(sbs2003) - switch -

    now i use nmap and discover port 21 is open….stupid question but how do i close it??
    also restricting sites like facebook etc. where is it done and how? i have installed squid

    please overlook my stupidity all help greatly appreciated.

  • Port 21 is showing as open because you have the ftp proxy enabled on the interface. Either un-check the box for the proxy or don't worry about it. You should look in the package board for the squid question and start a new post there if you can't find what you need.

  • thank u !

    ill give it a try.

  • thank u!

    i tried unchecking the ftp box under interfaces and its still showing that the ports open. When you say "dont worry about it", what do u mean?
    Are you saying that its not bad if its open? (just worried about the security risk?)
    is there anything else i can do to try and close it?

    thanks again

  • Banned

    Do you have something listening on port 21??? Like an FTP server??

  • Are you scanning the LAN side or WAN side? You can generally leave the helper enabled on the LAN side and it avoids lots of user trouble with ftp. The port open on your LAN side is nothing to worry about. Unless you have a public ftp server, disable the proxy on the WAN (check the box), this should close the port unless you are forwarding 21 to something.

  • no don't have anything listening. (wouldn't even know how to setup a ftp server lol).
    ive checked the box on the wan side but no matter what i do cant close the port…

    dono what to do guys, im at a loss . is there not maybe something else im doing wrong? - cards are bridged?

    thank u again for ur help guys