Any Luck with proxying FTPS or SFTP?

BIG-IP (v4.X or v9.X) does not support FTPS (SSL) or SFTP (subprotocol of SSH2) with SSL acceleration. I think this is what you meant, and not pass-through LB as a generic TCP. Feature request via support is probably all that can be done at the moment. The more request there is, more likely it is to be approved and added as a feature.

Our back end servers were trying to establish outbound SFTP (FTP over SSL/TLS - not the sftp ssh subsystem) and the connections would hang trying to step up from FTP to SFTP.

 

 

We had to set up a wild card forwarding vip to get things working. I wasn't trying to accelerate anything - I was just trying to get SFTP working through the LTM.

Did you every find a solution to this. We are experiencing the same issues. I was thinking that I could change the SNAT Packet forwarding from TCP and UDP only to All on the System->General Properties -> Local Traffic -> General but not sure if this will work. Also do not want to open any security risks. Any other ways to accomplish this for the specific servers behind the LTM?

 

 

Thanks,

 

Andrea