VSFTP local connection

Issues related to applications and software problems
Post Reply
excessive
Posts: 8
Joined: 2018/04/28 11:36:20

VSFTP local connection

Post by excessive » 2018/07/02 09:15:12

Hi all.

I have working vsftpd server serving connections successfully from outside the office (public IP). However, it won't accept any connections coming on the local interface (192.168.*.*). Even locally I have to connect to the real IP, or the hostname which resolves the same address.

Here's my config file
listen=YES
anonymous_enable=NO
local_enable=YES
local_umask=002
write_enable=YES

chroot_local_user=YES
#chroot_list_enable=YES
#chroot_list_file=/etc/vsftpd/chroot_list

idle_session_timeout=120
#max_per_ip=10

allow_writeable_chroot=YES
connect_from_port_20=YES
pam_service_name=vsftpd
user_sub_token=$USER
#local_root=/storage/$USER
ftpd_banner=whatever
listen_ipv6=NO

rsa_cert_file=/etc/ssl/private/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.pem

ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES

ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO

require_ssl_reuse=NO
ssl_ciphers=HIGH


#pasv_promiscuous=YES
pasv_address=7*.***.***.***
pasv_enable=YES
pasv_min_port=12000
pasv_max_port=12100


dual_log_enable=NO
#log_ftp_protocol=YES
vsftpd_log_file=/var/log/vsftpd.log
xferlog_enable=YES
xferlog_std_format=NO
xferlog_file=/var/log/xferlog
Now I do know that the pasv_address option is set to the public IP. And from experience I know that this is my working setup (passive mode).
I'd like to be able to connect to the server from the local address (192.168.*.*) using TLS, as you can see.


Thanks for any advices

Post Reply