Managing the File Transfer Protocol (FTP) proxy service

Prerequisite

You must allow access to the FTP port through the Smoothwall Firewall.

  1. On the NETWORK menu, under the Firewall submenu, click Smoothwall access.
  2. Add an access rule for the following ServicesFTP proxy (2121). Alternatively, you can use port 21 (FTP proxy (alternative) (21)) for your network. Although the Smoothwall access page is where you can add both Services to same access rule, we recommend that you use only one for the FTP proxy service.

Procedure

  1. On the SERVICES menu, under the Proxies submenu, click FTP.
    • To set up a nontransparent FTP proxy:
      1. Under the FTP proxy settings section, select to "Enable" the proxy and the Antimalware scanning.
      2. From the Proxy port list, select the port to use for FTP traffic.
      3. If you want to allow FTP connections to all servers, select the Allow connections to any server option. However, if you want to allow FTP connections to only specific servers, select the Only connections to specific servers option.
        • To allow FTP connections to only specific servers, in the FTP server white list, enter the server's host name or IP address in the format: <IP_address_or_hostname >:<port_number>.
    • To set up a transparent FTP proxy:
      1. Follow the same steps as for setting up the FTP proxy.
      2. Under the Transparent proxy settings section, choose how you want the transparency to handle the source and destination IPs.
      3. Select the interface to transparently proxy FTP traffic.
  2. To save the settings and turn on the FTP proxy, click Save changes.

Note: When running the Smoothwall’s FTP proxy in transparent mode, you don't need to configure FTP client applications.

Follow-up tasks

Nontransparent proxy

  1. For your FTP clients' Remote host, enter the Smoothwall Firewall’s hostname or IP address.
  2. For the Remote port, enter the FTP proxy port configured on the Smoothwall, either 21 or 2121. This must match the port number selected for Proxy port.
  3. For the Remote username, enter the username in the following format: [email protected]