#1
10th February 2010, 14:14
falconwmua

vsftpd on multiple ports

We're trying to run vsftpd to do regular ftp and ftps but our firewall (not iptables) keeps blocking the connections no matter what rules we apply. The firewall guy wants to split it up with regular ftp on port 21 and ftps on port 21000 so that we can use 2 different sets of rules. The only way I can think of doing this is to set up 2 different vsftpd configs and services. Any suggestions?

#2
10th February 2010, 15:44
Mark_NL

You can run FTP (SSL and TLS) traffic over the same port (21).

If you use Explicit SSL, the connection will be unencrypted until you call "AUTH SSL" or "AUTH TLS", and then it starts doing the certificate negotiation etc.

Implicit SSL gives you the option to bind secure connections on a different port (default 990).

#3
10th February 2010, 15:47
falconwmua

I currently have it configured that way. But our External Firewall can't handle it. That's why we're wanting to separate it so that we can apply different rules on the different ports.

#4
10th February 2010, 16:15
Mark_NL

Then you have to run multiple vsftpd instances, and use different config files for it specifying another port.

Though I still think it's strange that your firewall guy can't get this working. What type of firewall are you running?

#5
10th February 2010, 16:28
falconwmua

I think it's a Checkpoint. I agree about the firewall but we're up against a deadline and I don't have much recourse on calling out the firewall guy. You wouldn't happen to know of a good howto on copying and modifying the service scripts to run that second config?

#6
10th February 2010, 16:33
Mark_NL

Not from the top of my head, I found a howto for redhat though

http://www.redhat.com/docs/manuals/e...art-multi.html
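
The two-instance setup discussed in this thread, sketched as a pair of vsftpd configuration files. This is an added example, not part of the original posts; the file paths, certificate path and passive port ranges are assumptions chosen for illustration.

```ini
# Constructed example: file paths, certificate path and passive port
# ranges are assumptions, not values from the thread.

# ---- /etc/vsftpd/vsftpd.conf : plain FTP, control channel on 21 ----
listen=YES
listen_port=21
ssl_enable=NO
# A firewall with FTP inspection can still read PASV replies here, but
# a fixed range keeps the rule set explicit.
pasv_enable=YES
pasv_min_port=50000
pasv_max_port=50099

# ---- /etc/vsftpd/vsftpd-ftps.conf : FTPS, control channel on 21000 ----
listen=YES
listen_port=21000
ssl_enable=YES
# Explicit mode: the client sends AUTH TLS or AUTH SSL after connecting.
# Set implicit_ssl=YES instead if clients expect TLS from the first byte.
implicit_ssl=NO
rsa_cert_file=/etc/vsftpd/vsftpd-ftps.pem
# Refuse cleartext logins and data transfers on this instance.
force_local_logins_ssl=YES
force_local_data_ssl=YES
allow_anon_ssl=NO
ssl_sslv2=NO
ssl_sslv3=NO
ssl_tlsv1=YES
# Once the control channel is encrypted the firewall cannot see which
# data port PASV announced, so this range must be opened statically.
pasv_enable=YES
pasv_min_port=50100
pasv_max_port=50199
```

vsftpd takes the path of its configuration file as a command-line argument, so the second instance is started by pointing the binary at the second file. Giving each instance its own passive range lets the firewall apply a separate rule set to each one.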