Netgate Discussion Forum

    FTP on pfSense

    General pfSense Questions

      jeguard

      I did a port scan on my pfSense box and noticed that FTP was open. When I ftp'd to it, it says Checkpoint - 1 firewall ftp server login prompt. Is this normal or do I need to reinstall my pfSense box?

        kejianshi

        You need to close the port.  It's possible if you have UPnP going that something opened the port automagically and it's also possible you did by accident or that you were hacked.  Not sure why it's open or why something is listening on it.

        Never seen that before

        Checkpoint is also a type of router.

        http://www.checkpoint.com/

        Anyway…  I'd be concerned if I had services running I didn't set up.

          jeguard

          Thanks for the fast reply... ;)

          Do you know how to go about closing port 21?

            johnpoz LAYER 8 Global Moderator

            All inbound ports would be blocked by default.  So unless you opened up the rule there would BE nothing open on a default box.  Did you enable UPnP?

            Is your pfsense behind a NAT already? Maybe the port is before it even hits pfsense.

            Where are you scanning from - outside?  And how did you try to connect, from outside pfsense as well?

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.11 | Lab VMs 2.8, 24.11

              jeguard

              I do have UPnP open for Xbox traffic. I did an nmap scan from outside and tried to connect from outside as well.

                jeguard

                Here are my scan results.

                Starting Nmap 5.21 ( http://nmap.org ) at 2013-08-01 10:59 CDT
                Nmap scan report for
                Host is up (0.061s latency).
                Not shown: 997 filtered ports
                PORT    STATE SERVICE
                21/tcp  open  ftp
                80/tcp  open  http
                443/tcp open  https

                Here is the ftp session:

                root@jguard-ubuntuX64:/home/jguard# ftp
                Connected to
                220 Check Point FireWall-1 Secure FTP server running on fw_1
                Name (:jguard):

                  doktornotor Banned

                  @jeguard:

                  I do have UPnP open for Xbox traffic.

                  Well, then turn it off.

                    jeguard

                    I have created a rule to block all traffic to port 21 but I still see it when I scan. Strange! ???

                      jeguard

                      UPnP is disabled and still port 21 shows up in the scans. Looks like a fresh install is needed.

                        johnpoz LAYER 8 Global Moderator

                        And again, is there anything in front of your pfsense – say a checkpoint firewall ;)

                        You sure you're even checking the correct IP ;)

                        So when you hit 80 or 443 you get the services you're running on those ports?

                          jeguard

                          I have my IP phone gateway and DSL modem in front of the Firewall.

                          It is the correct IP.

                          When I connect 80 and 443 I do see the services that should be on them.

                          Guess I should check with Speakeasy to see if their modem or IP gateway have checkpoint. DOH!!!!!!!!

                            kejianshi

                            When they ask you is there anything in front of pfsense, what they mean is how is pfsense connected?

                            Directly to a modem with only 1 port available or is it plugged into something with 2,3,4 or 5 ports on it?

                            Easy way to tell is look at your ip in upper right of pfsense status screen.  What is it?

                              jeguard

                              It is connected directly to a modem with only 1 port.

                              I see the static IP from my provider.

                                doktornotor Banned

                                @jeguard:

                                It is connected directly to a modem with only 1 port.

                                And the IP phone gateway is hanging in the air?  ???

                                  johnpoz LAYER 8 Global Moderator

                                  " DSL modem in front "

                                  Yeah, that is RARELY the case that it is a "modem" – what it normally is, is a GATEWAY, i.e. it's doing NAT.

                                  So what IP address does it show you on pfsense -- is it a public one, or private 10.x.x.x, 192.168.x.x or 172.16-31.x.x?

                                  If it's PRIVATE -- then you're behind a NAT, and it's quite possible that NAT device is listening on 21, not pfsense or anything behind pfsense.

                                  Did you set up any forwards for your 80 and 443 services on your "modem"???

                                  I have not seen a pure dsl/adsl "modem" in years and years - they are always out of the box a gateway.  They might be able to turn on bridge mode and turn them into a "modem".  But out of the box they are always gateways.

                                  This is even becoming common with cable - where they give you a gateway vs a modem, and it's doing NAT.

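The check described in the post above, written out as an added example that is not part of the original thread: classify the address pfSense shows on WAN, then compare the ports an outside scan reports as open with the ports the admin actually set up. The function names, the WAN addresses, the expected-port set and the inclusion of the carrier-grade NAT range are assumptions made for this example.

```python
import ipaddress
import re

# RFC 1918 ranges listed in the post, plus RFC 6598 carrier-grade NAT space
# (the CGNAT range is an addition, not mentioned in the thread).
NAT_RANGES = [ipaddress.ip_network(n) for n in
              ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "100.64.0.0/10")]
OPEN_LINE = re.compile(r"^\s*(\d+)/(?:tcp|udp)\s+open\s+(\S+)", re.M)

# Constructed sample in the shape of the scan posted earlier in the thread.
SAMPLE_SCAN = """\
Not shown: 997 filtered ports
PORT    STATE SERVICE
21/tcp  open  ftp
80/tcp  open  http
443/tcp open  https
"""

def behind_nat(wan_ip):
    """True if the address pfSense shows on WAN is private or CGNAT space."""
    addr = ipaddress.ip_address(wan_ip)
    return any(addr in net for net in NAT_RANGES)

def open_ports(nmap_text):
    """Map port -> service for each 'open' line of normal nmap output."""
    return {int(port): svc for port, svc in OPEN_LINE.findall(nmap_text)}

def triage(wan_ip, nmap_text, expected_ports):
    """Compare externally open ports with the ports pfSense should expose."""
    unexplained = sorted(set(open_ports(nmap_text)) - set(expected_ports))
    nat = behind_nat(wan_ip)
    if not unexplained:
        verdict = "open ports match the configured rules"
    elif nat:
        verdict = "private WAN: the upstream NAT device is the likely listener"
    else:
        verdict = "public WAN: review pfSense rules, forwards and UPnP mappings"
    return {"behind_nat": nat, "unexplained": unexplained, "verdict": verdict}

if __name__ == "__main__":
    # Hypothetical WAN addresses; 80 and 443 are the services the admin runs.
    for wan in ("192.168.1.2", "203.0.113.10"):
        print(wan, triage(wan, SAMPLE_SCAN, {80, 443}))
```

The explicit range list is used instead of `ipaddress.is_private` because that property also returns True for documentation and other special-purpose ranges.
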
                                    jeguard

                                    I am going to try and do a scan from my network when I get home to see if I see it from behind the firewall. Will post later after I have done this, thanks everyone for your help with this matter. :)

                                      kejianshi

                                      Ahhhhhh the adventure of learning.  Well, at one point we were all there.

                                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.