[unisog] -- FTPS via NAT
Harry Hoffman
hhoffman at ip-solutions.net
Tue Dec 18 22:18:34 GMT 2007
Hi,
We're using vsftpd to provide ftps service to our clients.
The vsftpd box sites behind a Cisco that does NAT (well, PAT really ).
You can, at least in vsftpd, define the following:
ftp_data_port=989
listen_port=990
pasv_min_port=49100
pasv_max_port=49110
So, we have ports 49100 - 49110 open to the public.
We then have iptables rules that pass all traffic on these ports back to
the vsftpd server.
I'd be happy to share configs, iptables rules if you need.
Cheers,
Harry
Christoph Sprongl wrote:
> Hi,
>
> we are in the situation to provide ftps (not scp or other encrypted way)
> behind several firewalls for internet users.
>
> Does someone have experience with that? - or there any tools out there for
> unix/linux-server?
>
> cheers,
> ch
>
> _______________________________________________
> unisog mailing list
> unisog at lists.dshield.org
> https://lists.sans.org/mailman/listinfo/unisog
More information about the unisog
mailing list