Limit Plain FTP Connections to Specific Set of IP Addresses

Home Forums General FTP Client Help Limit Plain FTP Connections to Specific Set of IP Addresses

  • This topic is empty.
Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #30432
    graphicequaliser
    Participant

    Is it possible to set up Cerberus so that SFTP connections function as normal, but FTP can use plain text if it is coming from a known set of IP addresses (inside our VPN in our case)? How does one do this?

    Also, in Simple Directory Mode, you cannot navigate the directory back up to your root, after navigating down through subdirectories (seems like a bug, but it may be a security measure).

    TIA, regards,

    Mark Jacobs

    #36866
    graphicequaliser
    Participant

    I found a way to do it. You have to set up a new inbound rule for port 21 for Windows firewall with the Scope limited to the remote IP addresses you require. Then, you have to change the “Cerberus FTP Server” rule to only allow TCP ports 22, and 11000-13000. Then allow plain text ftp through Cerberus under Configure, Interfaces, point at the non-default port 21 FTP interface, and uncheck the 2 checkboxes under the “Security” section. Thank goodness for Windows Firewall settings being so flexible under Windows 2008 R2. :)

Viewing 2 posts - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.
Close Cart

Shopping Cart