FTPS VIP creation

Question

Hello All,&nbsp;
I need a detailed information of how to create VIP for FTPS communication for two backend servers in my F5 device. Which ports do I need to allow for this passive FTP communication in F5 and Firewall. How can I know on which ports FTPS passive communication is happening from server or client end. Please explain me about this passive FTP communication and how it works.&nbsp;
Thanks in Advance&nbsp;

domai · Answer

For the passive FTP, the ports are actually configured on the server. Lets say you allocate 3001 - 3005 for passive FTP communication then when you create a VIP you need to assign that port range. Make sure your firewall also allows those ports.
Firewall rule would look like&nbsp;
ANY----&gt;(Allow port 3001-3005,21)----&gt;VIP&nbsp;
Passive FTP is where the data channel is opened by the server and communicated to the client asking the client to come and connect to it using the ports that it opened to get the data.&nbsp;

domai · Answer

Ok FTP and FTPS are 2 diff things. Looks like you are trying to set up FTPS. Are you using source address as persistence?&nbsp;

Forum Discussion

FTPS VIP creation

2 Replies

Recent Discussions

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

F5 loadbalancer not working

Pricing when used with aws waf

F5 terminal - help to run commands - disk space full

Related Content

AS3 Json for pool creation

Node/Pool/VIP Creation Script (from csv input)

Manage F5 BIG-IP Advanced WAF Policies with Terraform (Part 1 - Policy Creation)

VIP-targeting-VIP solution using Standard and performance L4 VS

FTP Session Logging