Unencrypted FTP usually needs 2 ports to be forwarded. Port 1 for data and Port 2 for control.
In default this is usually port 20 and 21. So you maybe missed to forward port 20.
If you have changed the control port to something else, you will need to change accordingly. The data port is usually 1 port lower than control.
I want to make it WAN accessible, but I'm really lost...
Be aware that this might be a security risk, if you are not doing it properly.
I would avoid using FTP, especially if you (and/or the other end) are behind a NAT router. SFTP is more secure and doesn't have the potential firewall problems that FTP has.
I agree.
Here is what i did, to secure this up:
1. change standard port to a high port
2. Use encryption on data and com channel (i dont use SFTP but FTP over TLS. SFTP should be easier to setup) . Authentication using certificate
3. Use fail2ban to ban login after 3 unsuccseful login attempts
4. Configure your FTP server to not spit out too much info for login attempts. e.g. if someone tries to use a username that is unknown to my server, it will not reply at all. leaving the client in the dark
5. If you can, limit logins to a specific IP or IP range
I use GLFTPD in docker. This is great but for your purpose probably overkill and also pretty hard to configure in the beginning. So you better stick with the default SFTP of OMV.
Alternatively you can set up a VPN access and only allow FTP/SFTP on local network, tunelling through the VPN. That is probably the most secure you can do.
I use GLFTPD in docker. This is great but for your purpose probably overkill and also pretty hard to configure in the beginning. So you better stick with the default SFTP of OMV.
Alternatively you can set up a VPN access and only allow FTP/SFTP on local network, tunelling through the VPN. That is probably the most secure you can do.
How would you go about doing it? Do you have any great tutorial I can follow?
Because so far I've tried 2 full ones, and none worked...
Hey,
Sorry for my ignorance, it's my first time ever making a NAS server..
Anyway, I built my own NAS using a raspberry pi 3 I had lying around.
I've succesfully installed OMV on it, and have SMB and FTP running smoothly on LAN.
I want to make it WAN accessible, but I'm really lost...
Please can you explain your goal, perhaps a filebrowser that use https:// and user/password to access your files outside your LAN are better idea.
https://filebrowser.org/installation <- easy to install on a docker and access via Swag ( reverse proxy).
PD : you can also install wetty and gain control over your S.O. but please consider always use a reverse proxy and user/password to acess landing page.
Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!
