Setting up NAT regarding FTPS and another machine using SSH

  • I am having a pickle of a time setting up my FTPS server on the other side of pfsense. Right now I have one machine that I SSH into from outside, and that works just fine. Then I have an FTP server (openmediavault, love it!) sitting there as well. From what I've read, FTPS needs 21, 22 and then the passive ports open, but for the life of me, I can not figure out how to do it. Could anyone help me or guide me? I love PFsense, but man, there are a lot of options! Hard to pick the right one!


  • LAYER 8 Global Moderator

    ftps uses 21 only if your running in EXPLICIT mode - quite often with IMPLICIT mode port 990 would be use.  What are you clients doing?

    It sure and the hell does not use 22  that would be SFTP… Completely different..

    Pfsense dropped the ftp helper, and never worked with ftps because the control channel is encrypted..  So are you clients active or passive?  Active should work just fine because the server makes a connection to them..  But since they are using ftps then their router can not open up the ports.  So if you use passive you need to forward the data ports your ftp is going to use.

    You do understand it would be much user to just use SFTP.. Which is only port 22.  openmediavault for sure support SFTP

    What did you set your passive ports for on OMV?  You would then need to forward those to your OMV.. Is your problem that you have more than 1 machine you want to ssh too?  SSH or SFTP does not have to run on 22 you can use whatever port you want.

  • I might just redirect ssh on the OMV machine to another port. The passive ports are defined, but I'm still having an issue.

  • LAYER 8 Global Moderator

Log in to reply