Hi folks!
I have a old HP desktop that I have set up with Proxmox, and I have a Debian vm running on it that I would like to access through FTP. I have set up vsftpd and it works well on the internal network, but would like to set it up so it is available on any network. I have a static IP.
Because of how my network setup is I am having some problems, and hope someone here might have some guidance.
I have a UniFi UXG-PRO. This is set up behind a TP link router and the ISP router (not optimal I know). This was done since the UXG could not get online directly behind the ISP router due to reasons only the ISP knows and refuses to tell me.
Within the ISP router I have set up port forwarding to the UXG, and in the UXG I have port forwarding to the ftp server. Is this the correct way to do this within my setup?
The ISP and UXG router are both on x.x.1.x, and the TPLink is on x.x.0.x if it matters. I am not able to reach the server from the ISP router network, only the UXG, even with port forwarding enabled. Firewall on the server is set to allow ftp connections on port 21
software firewall on your ftp server has to be configured and enabled to allow external connections, also try to troubleshoot the connection with a detailed log to check further issue
FTPS or SFTP I hope? Because IF not I would go back to the planning phase.
I would not recommend this. Is it no option for you to use von to access the network and leave the ftp inside?
VPN is not a option sadly. It is primarily a project to learn how it all works.
Goal is to set up a automated file transfer over ftp to my server.
Pleeeease don’t open an FTP server to the outside world - the potential of you landing in a world of shit is just too high.
Swap your learning project to running a vpn endpoint instead, you’ll understand more the reasons why as you go through the work. 😊
If, as you write, it will be over sftp, then why are you forwarding port 21? Port 21 is FTP, plus you need your NAT router to also be able to negotiate the data channel on a separate port.
If you don’t know you need this, then you may be in for a big surprise when you go down that rabbit hole and try to implement it.
It’s much easier to forward port 22 and use sftp. It’s also much more secure, particularly if you use ssh keys instead of passwords.
