IPsec policy and FTP

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Hi,

I enabled IPsec policy between my VPS and home PC, I would like to do it for the FTP connection so I set appropriate settings but unfortunately it's not working and looking into IPsec monitor I have some authentication errors.
To test the connectivity I just simply change the port from 21 to 80 and I can established connection over IPsec with no problems (access websites on this server). I also tested RDP over IPsec (port 3389) and it was fine but with FTP port 21 it's not working.
Do I have to set anything else for the FTP, any other ports in relation to passive/active mode?

Regs

 

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Perhaps port 20 as well.

 

I also tried with port 20 but as I didn't enable it on the firewall before I implemented IPsec and FTP was working fine I thought it's not the issue, isn't it?

 

Won't know till you try it! ;) However, FTP uses both.

 

Thx for reply.

I just tested on my home lab (VMware) and everything works perfect and I really like it as when I deselected "Allow anonymous connections" on my FTP site the password was sent in plain text, now with IPsec Wireshark don't see anything ;)
I disabled server firewall on my lab environment so maybe that was the problem. I will check/test later on on my VPS.

Regards

 

People always think that FTP just uses port 21 but it doesn't. Port 21 is the command port and port 20 is the data port. Also worth remembering is that connecting to an FTP server can from a client can happen from any port above 1023, once its then connected it will use that port (N) and also N+1 to communicate with the server (for example 1050 and 1051) .