Ftp chapter 6. security mechanisms 142 – D-Link DFL-2500 User Manual

To make it possible to connect to this server from the Internet using the FTP ALG, the FTP ALG and rules should
be configured as follows:

Web Interface

A. Define the ALG:

1.

Go to Objects > ALG > Add > FTP ALG

2.

Enter Name: ftp-inbound

3.

Check Allow client to use active mode

4.

Uncheck Allow server to use passive mode

5.

Click OK

B. Define the Service:

1.

Go to Objects > Services > Add > TCP/UDP Service

2.

Enter the following:

•

Name: ftp-inbound

•

Type: select TCP from the list

•

Destination: 21 (the port the FTP server resides on)

•

ALG: select the "ftp-inbound" that has been created

3.

Click OK

C. Define a rule to allow connections to the public IP on port 21 and forward that to the internal FTP server:

1.

Go to Rules > IP Rules > Add > IPRule

6.2.3. FTP

Chapter 6. Security Mechanisms

142