Forum Discussion
Create VIP for FTP with TLS
Hi Forum,
I would like to create a VIP for a FTP Server with TLS.
Behind our BIG IP LTM (Version 15.1.51) I have installed a Server with vsftp.
When I connect directly to this Server I have no problem to connect with TLS.
If I use the Public address (mean I come from outside via F5) I can connect but then I get an error about the "Data Port"
If I allow all Ports on the VIP and Pool, everything is fine, but this is not an option for me 😞
Does anybody has a hint for me. I found nothing here in this forum about FTP with TLS.
Here are my configs
ltm virtual /IN_FTP {
description "FTP Server"
destination 555.666.777.888:21
ip-protocol tcp
last-modified-time 2022-07-06:19:11:46
mask 255.255.255.255
pool /FTP
profiles {
/Common/ftp { }
/Common/tcp { }
}
serverssl-use-sni disabled
source 0.0.0.0/0
source-address-translation {
type automap
}
translate-address enabled
translate-port enabled
vlans {
/Common/epfrontyard
/Common/epproduction
/Common/grenznetz_web_1
/Common/grenznetz_web_2
}
vlans-enabled
}
ltm pool FTP {
description "FTP server "
members {
/ftp1:21 {
address 111.222.333.444
}
}
monitor /Common/gateway_icmp
Hi Joern_Oltmann,
Performance (Layer 4) type virtual server is recommended for ftps. Can you review the articles?
https://support.f5.com/csp/article/K9347
https://support.f5.com/csp/article/K52444438
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com