Vsftpd TLS In Passive Mode for WAN?
I followed another thread (/forum/t-274551), and got encryption to work for vsftpd, but only in active mode. This is using tomato shibby:
Firewall:
iptables -I INPUT -p tcp --dport 60000:61000 -j ACCEPT
Vsftpd Custom Configuration:
ssl_enable=YES
allow_anon_ssl=NO
require_ssl_reuse=YES
force_local_data_ssl=NO
force_local_logins_ssl=NO
ssl_tlsv1=NO
ssl_sslv2=YES
ssl_sslv3=YES
rsa_cert_file=/tmp/etc/cert.pem
rsa_private_key_file=/tmp/etc/key.pem
pasv_enable=YES
port_enable=YES
pasv_min_port=60000
pasv_max_port=61000
Encrypted active mode works, and unencrypted passive mode works. I've been fooling around with these settings and googling for a few hours. What have I missed?