HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials


falconwmua 10th February 2010 14:14

vsftpd on multiple ports
 
We're trying to run vsftpd to do regular ftp and ftps but our firewall (not iptables) keeps blocking the connects no matter what rules we apply. The Firewall guy wants to split it up with regular ftp on port 21 and ftps on port 21000 so that we can use 2 different sets of rules. The only way I can think of doing this is to set up 2 different vsftpd configs and services. Any suggestions?

Mark_NL 10th February 2010 15:44

You can run FTP (SSL and TLS) traffic over the same port (21) ..

If you use Explicit SSL, the connection will be unencrypted until you call "AUTH SSL" or "AUTH TLS", and then it starts doing the certificate negotiation etc.

Implicit SSL gives you the option to bind secure connections on a different port (default 990)

falconwmua 10th February 2010 15:47

I currently have it configured that way. But our External Firewall can't handle it. That's why we're wanting to separate it so that we can apply different rules on the different ports.

Mark_NL 10th February 2010 16:15

Then you have to run multiple vsftpd instances, and use different config files for it specifying another port.

Though I still think it's strange that your firewall guy can't get this working. What type of firewall are you running?

falconwmua 10th February 2010 16:28

I think it's a Checkpoint. I agree about the firewall but we're up against a deadline and I don't have much recourse on calling out the firewall guy. You wouldn't happen to know of a good howto on copying and modifying the service scripts to run that second config?

Mark_NL 10th February 2010 16:33

Not from the top of my head, I found a howto for Red Hat though :)

http://www.redhat.com/docs/manuals/e...art-multi.html

falconwmua 10th February 2010 16:48

Just to make sure I'm not crazy: I can run 2 instances of vsftpd on the same IP listening on different ports, correct?

Mark_NL 10th February 2010 16:54

That is correct.
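
Added example (not part of the thread, and not from any poster): a sketch of the two-instance setup discussed above, with one config file per vsftpd instance and a check that the firewall can tell the two services apart by port. Port 21000 comes from the thread; the file names, certificate path and passive port ranges are assumptions.

```shell
#!/bin/sh
# Added example. Port 21000 is from the thread; file names, the certificate
# path and the passive ranges are assumptions.

# conf_get FILE KEY DEFAULT: last value of KEY (vsftpd uses key=value, no spaces)
conf_get() {
    v=$(sed -n "s/^$2=//p" "$1" | tail -n 1)
    echo "${v:-$3}"
}

# write_samples DIR: one config per vsftpd instance
write_samples() {
    cat > "$1/vsftpd-ftp.conf" <<'EOF'
# Instance 1: plain FTP on the standard port
listen=YES
listen_port=21
ssl_enable=NO
pasv_min_port=50000
pasv_max_port=50099
EOF
    cat > "$1/vsftpd-ftps.conf" <<'EOF'
# Instance 2: FTPS only, on the port the firewall gets separate rules for
listen=YES
listen_port=21000
ssl_enable=YES
force_local_logins_ssl=YES
force_local_data_ssl=YES
rsa_cert_file=/etc/ssl/private/vsftpd.pem
pasv_min_port=50100
pasv_max_port=50199
EOF
}

# check_pair A B: succeed only if both configs can be told apart by port
check_pair() {
    pa=$(conf_get "$1" listen_port 21); pb=$(conf_get "$2" listen_port 21)
    if [ "$pa" = "$pb" ]; then echo "both use listen_port $pa"; return 1; fi
    amin=$(conf_get "$1" pasv_min_port 0); amax=$(conf_get "$1" pasv_max_port 0)
    bmin=$(conf_get "$2" pasv_min_port 0); bmax=$(conf_get "$2" pasv_max_port 0)
    for p in "$amin" "$amax" "$bmin" "$bmax"; do
        # 0 is the vsftpd default and means "any port"
        if [ "$p" -eq 0 ]; then echo "passive range not pinned"; return 1; fi
    done
    if [ "$amin" -le "$bmax" ] && [ "$bmin" -le "$amax" ]; then
        echo "passive ranges overlap"; return 1
    fi
    echo "ok: control ports $pa and $pb, separate passive ranges"
}

if [ $# -eq 2 ]; then check_pair "$1" "$2"; fi
```

Each instance is then started with its own file passed as the argument to the `vsftpd` binary, which is what a second copy of the service script would do.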


All times are GMT +2.