We know FTP Sucks with pfSense! I can live with that but –>

  • I need a FTP Proxy Solution with a pair of balls!
    Any suggestions for a great, powerful, easy to integrate FTP Proxy Server Solution?

  • PFSense does have an FTP proxy its called FTP Helper

    FTP works on pfSense. It is however a bit more complex because of its design.
    FTP was created before firewalls really were needed hence its design really doesn't take security or firewalls into account.
    I personally recommend SFTP which will likely help get you through a lot of the configuration hassle and increase your data privacy as well.
    Another option that goes around configuration complexity is to establish a VPN first and then use FTP.

    If you can't go with SFTP or FTP over a VPN then close reading of the following should help you fix your FTP problems.


  • The FTP issues are for clients…. I am using pfSense to manage 10 2Mbt Lease Lines and Load Balancing the whole ball of wax to boot! I want pfSense to be transparent to the clients! I have a huge freaking wired and wireless network spread across the whole country! I am said to say I might have to start buying Core Routers from Cisco  >:(

    I am requesting for paid support and try to get the guys to help me build the NOC for my operation using this platform.... I just all to be secure, transparent, and not so complex for the customers...

  • I was not aware of your environment.

    I also work for a wireless ISP a small one at the moment but in February will be adding 2000 Access Points. Right now the wifi network is stuck with NAT because we don't have enough real ip addresses hopefully that will change in the near future. I think to be like a large ISP we will need to dump NAT completely. Then use PFSense as a transparent firewall.

    PFSense transparent firewall is described here:

    According to the above document FTP still might be an issue and Captive portal will not work with a transparent firewall. Will have to setup a test network and see if I that can be fixed.

Log in to reply