OPNsense Forum

Archive => 21.7 Legacy Series => Topic started by: CDuv on November 03, 2021, 03:44:40 pm

Title: FTP Proxy for LAN clients to connect to any external FTP server
Post by: CDuv on November 03, 2021, 03:44:40 pm

Hello,

I want to provide an FTP proxy for my LAN clients so that their FTP traffic goes via the OPNsense router and via it's WAN.
I want them to be able to connect to any FTP server.

I got the "os-ftp-proxy" plugin installation part OK and successfully configured a proxy to connect to a fixed server (using "Reverse address" and "Reverse port" ports).
For the client (FileZilla), I set the FTP proxy IP and port (IP of OPNsense aand 8021) and the following custom auth sequence:

USER %u
PASS %p

But, for my real use case I need to be able to connect to any FTP server, so I emptied both "Reverse address" and "Reverse port" fields from the FTP proxy configuration and set FileZilla FTP proxy settings to the custom auth sequence:


OPEN %h
USER %u
PASS %p
ACCT %a

But connections attempts timeout.

Using Wireshark I don't see any mention of the real FTP server address in my outgoing traffic.

I could not find any tutorial about the client-side configuration for a FTP proxy setup: is it that software-dependent?

Title: Re: FTP Proxy for LAN clients to connect to any external FTP server
Post by: faunsen on January 05, 2022, 04:39:55 pm

Hi,
the os-ftp-proxy plugin provides a transparent FTP proxy.
You don't need to configure FileZilla FTP proxy settings.
See FTP Proxy HowTo (https://forum.opnsense.org/index.php?topic=3868.msg13574#msg13574)

If you need a non transparent proxy try the proxy-suite package.

Title: Re: FTP Proxy for LAN clients to connect to any external FTP server
Post by: fabian on January 05, 2022, 11:01:14 pm

just configure a port forward any:any to any:21 -> 127.0.0.1:8021, then you can use FTP without any special configuration.