Matt Mossholder on 11 Aug 2015 07:07:00 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] If not SFTP, how's about FTPS?

On Tue, Aug 11, 2015 at 9:57 AM, Michael Leone <> wrote:
Anyone? My firewall guy tells me that there are no rules blocking me
from doing this (not from my trusted zone into my DMZ, anyway). So
it's not a firewall block. Any ideas what might be causing this?

My guess is the firewall is blocking the ftp-data connections. FTPS works the same way as FTP (two channels, command and data). You've established that your command channel works by establishing a connection, but your FTP server will be making connections back to clients on dynamically allocated data ports to return the results of the commands. Unless you have defined a range of ports in your firewall for use by FTPS, you probably won't be able to receive the data back from the server. 

Most intelligent firewalls (these days) watch non-SSL FTP traffic and dynamically open the required ports. That obviously doesn't work with SSL.

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --