VanDyke Software

Configuring VShell® to allow FTP connections


Configuring VShell to allow FTP connections

Although FTP is not a secure method of file transfer, VShell can be configured to allow plain text FTP connections by following these steps:

  1. Ensure you have installed VShell with FTPS.
  2. In the VShell Control Panel, select the FTPS category.
  3. On the FTPS category, for SSL encryption, select Do not require encryption.
  4. Ensure that the desired users/groups are specified in the Access Control category with permissions to allow Logon and FTPS (at a minimum).

Now, any users/groups with permission to access VShell should be able to do so with FTP.  Additionally, you may want to lock users' FTP access to a particular folder on the VShell server using virtual roots.
If after following the instructions above a user still cannot connect with FTP, you may want to check firewalls to see if they are preventing access to the VShell server. The standard port 21 is the port on which the FTP protocol operates for control connections. In addition to port 21 being opened on the firewall, ports > 1024 would also need to be opened to allow for PASV data connections to be successfully routed to the VShell server. You can narrow the range of ports required for data connections to be opened on the firewall, by following these steps:

  1. Open the VShell Control Panel and select the FTPS category.
  2. Enable the Restrict port range for passive data connections option.
  3. Specify the range of ports you desire. For example, a range of 7721 - 7731 would require only those 10 ports be opened on the firewall for data connections to be routed from the firewall to the VShell machine.