Forum Discussion
Passive FTP using FTP profile
I checked this further and I cannot find any difference. I checked if I missed something in my vsftpd.conf... nope.
Your VS config seems OK, too. Can you check for the destination 0.0.0.0:0 (any) and the iRule? That seems off....
In my Wireshark capture it looks like this:
vsftp server ----> floating self-IP >> ftp.passive.ip==<IP address of the vsftp server>
virtual server ----> client >> ftp.passive.ip==<IP address of the F5 virtual>
So the value for ftp.passive.ip get's updated and replaced properly.
I tried with FileZilla and WinSCP, no special config required there either. Just works.
Yes I added your Irule.
Are you using a single interface ?? are you ftp setup residing on AWS ? Because my test lab includes a single interface on the F5 with a EIP(AWS) attached.
so, I realized that the FTP profile is just translating the IP address configured as pasv_address on the ftp server to the address configured on the vip as "destination address" only when ( no pasv_address is configured in the ftp, configured pointing public ip of ftp server or if its configured using private IP address), but if pasv_address is manually configured to be the Public ip address of the F5, nothing is translated and the client received
421 Service not available, remote server has closed connection
Passive mode refused.
but, if I leave the ftp server pasv_address option pointing to the Public ip address of the F5 , remove the ftp profile on the VIP and change service port to "all ports" works perfectly.
so, seems to me (maybe i'm completely wrong) that the ftp profile is unable to translate the received pasv_address (no matter is received) to the Public IP that the F5 has assigned for AWS( EIP)
make sense?
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com