how to configure outgoing virtual server for FTP and explicit FTPS connections

Question

Hi All,
I need to configure and outgoing virtual server that can handle FTP and FTPS connections.
I found a lot of information on devcentral, but all add in 2009 and earlier.
In different topics, I can read that I am not able to disable the FTP profile with an iRule. FTP and explicit FTPS connections are using both TCP port 21 for initiating the communication with the client. 
The default FTP profile checks the traffic, because the system is able to recognise the different FTP commands. With FTPs, the server answers with the command AUTH:TLS and start with encrypted traffic. Due to this, the FTP profile isn't recognising the different commands.
I need to find a way that I am able to configure and outgoing virtual server that can handle FTP and FTPS traffic for port TCP 21.
Regards
Thierry&nbsp;

hamish · Answer

For ftps if you're using NAT the server itself has to know what you're NAT'ing to so it can advise the client the correct address (Because your firewall can't do the fixup). Also if your VS has SNAT on it you're in the same boat.&nbsp;
You'll also have to get your firewall/bigip to preserve the posts used. Which on a firewall usually means a sttic 1:1 NAT (Hiding more than one server/client behind this address wont' work, because the ports have to be translated too).&nbsp;
H&nbsp;

Forum Discussion

how to configure outgoing virtual server for FTP and explicit FTPS connections

1 Reply

Recent Discussions

minimum tmos software version for connect CIS (openshift)

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5 Rseries HA

Need advise to setup a policy on F5

F5 Rseries R2600 Tenant sizing

Related Content

OAuth and OpenID Connect - Made easy with Access Guided Configurations templates

LTM: Configuring outgoing (passive) FTP connections

BIG-IP BGP Routing Protocol Configuration And Use Cases

Certificate Expiry Email alert configuration

Getting Started with BIG-IP Next: Configuring Instance High Availability