I have working vsftpd server serving connections successfully from outside the office (public IP). However, it won't accept any connections coming on the local interface (192.168.*.*). Even locally I have to connect to the real IP, or the hostname which resolves the same address.
Here's my config file
Now I do know that the pasv_address option is set to the public IP. And from experience I know that this is my working setup (passive mode).listen=YES
anonymous_enable=NO
local_enable=YES
local_umask=002
write_enable=YES
chroot_local_user=YES
#chroot_list_enable=YES
#chroot_list_file=/etc/vsftpd/chroot_list
idle_session_timeout=120
#max_per_ip=10
allow_writeable_chroot=YES
connect_from_port_20=YES
pam_service_name=vsftpd
user_sub_token=$USER
#local_root=/storage/$USER
ftpd_banner=whatever
listen_ipv6=NO
rsa_cert_file=/etc/ssl/private/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.pem
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
require_ssl_reuse=NO
ssl_ciphers=HIGH
#pasv_promiscuous=YES
pasv_address=7*.***.***.***
pasv_enable=YES
pasv_min_port=12000
pasv_max_port=12100
dual_log_enable=NO
#log_ftp_protocol=YES
vsftpd_log_file=/var/log/vsftpd.log
xferlog_enable=YES
xferlog_std_format=NO
xferlog_file=/var/log/xferlog
I'd like to be able to connect to the server from the local address (192.168.*.*) using TLS, as you can see.
Thanks for any advices