[unisog] -- FTPS via NAT

Harry Hoffman hhoffman at ip-solutions.net
Tue Dec 18 22:18:34 GMT 2007


We're using vsftpd to provide ftps service to our clients.

The vsftpd box sites behind a Cisco that does NAT (well, PAT really ).

You can, at least in vsftpd, define the following:

So, we have ports 49100 - 49110 open to the public.

We then have iptables rules that pass all traffic on these ports back to 
the vsftpd server.

I'd be happy to share configs, iptables rules if you need.


Christoph Sprongl wrote:
> Hi,
> we are in the situation to provide ftps (not scp or other encrypted way)
> behind several firewalls for internet users.
> Does someone have experience with that? - or there any tools out there for
> unix/linux-server?
> cheers,
> ch
> _______________________________________________
> unisog mailing list
> unisog at lists.dshield.org
> https://lists.sans.org/mailman/listinfo/unisog

More information about the unisog mailing list