Installing FTP Server and Mapping FTP Directories in Zentyal PDC – Part 8

Samba shares are a excellent choice for enabling users with extra storage on Zentyal Server but SMB ( Server Message Block) protocol is designed to run on local network over TCP/IP protocol stack and NetBIOS. So, that disables users access on samba shares over a public network like Internet.

Install Mapping FTP Folders in Zentyal PDC

Install Mapping FTP Folders in Zentyal PDC

Here the FTP protocol comes in play…designed as a server-client architecture that runs only on TCP/IP, a FTP server provides a way for users to login using a username and a password, connect anonymously and encrypt data flow with some degree of security by using SSL/TLS and SFTP (over SSH).

Vsftpd package is the default FTP server in the Zentyal 3.4 Server Community Edition.

Requirements

  1. Install Zentyal PDC and Integrate Windows Machine
  2. Manage Zentyal PDC from Windows Machine

Step 1: Install FTP Server

1. To install FTP Server open Putty and connect through SSH protocol on your Zentyal 3.4 Server using server domain name or IP.

Connect to Server

Connect to Server

2. Login with root account and install Zentyal FTP server using ‘apt-get‘ package manager.

# apt-get install zentyal-ftp
Install FTP

Install FTP

3. After the package installation finishes open a browser and connect to Zentyal Web Admin Tool ( https://zentyal_IP ). Go to Module Status, check FTP module, hit Save Changes and Save.

Module States Configuration

Module States Configuration

Now your FTP Server is installed and enabled on Zentyal 3.4 PDC but don’t close the browser yet.

Step 2: Add DNS CNAME for Domain

Let’s add a DNS CNAME (alias ) for this domain name ( some programs can translate this DNS record directly into ftp protocol ).

4. On the same window navigate to DNS Module and click on Hostnames icon under your domain name.

ADD DNS CNAME

ADD DNS CNAME

5. On your Zentyal Host Name Record click on Alias icon.

Select Domain Alias

Select Domain Alias

6. Hit Add New button, enter “ftp” on Alias filed and click ADD button.

Enter FTP Alias

Enter FTP Alias

7. On right top corner hit Save Changes button and confirm with Save to apply settings.

Save Changes

Save Changes

8. Your DNS Alias has been added and you can test it with nslookup command on Remote Windows machine.

nslookup ftp.mydomain.com
Verify FTP Alias

Verify FTP Alias

Alternative you can check this record by running DNS Manager installed on Remote Windows Server Tools and verify Domain Zone.

Check FTP Record

Check FTP Record

Step 3: Setup FTP Configuration Server

9. Now is time to setup FTP configuration Server. Go to FTP Module and use the following configuration.

  1. Anonymous access = Disabled ( users without an account can’t login ).
  2. Check Personal Directories (self explained).
  3. Check Restrict to personal directories ( users can’t access path above their homes root ).
  4. SSL support = Allow SSL (FTPS Secure Sockets Layers encryption on FTP ).
FTP Setup

FTP Setup

FTP Configuration Settings

FTP Configuration Settings

10. Hit Change -> Save Changes and confirm with Save for enabling vsftp new configuration.

Step 4: Configure Firewall for FTP

Because we have configured Zentyal FTP Server to use SSL encryption some ports will be assigned dynamically by application layer, Zentyal Firewall by default won’t allow incoming ftp passive connections file transfers and directory listings required on ports above 1024 ( 1024 – 65534 ) so we need to open the whole port range.

11. To allow this port range first go to Network -> Services and click on Add New button.

Add New Service

Add New Service

12. On the new prompt enter “ftp-passive” string on in Service Name field, a service Description and click on ADD button.

Enter Service Name

Enter Service Name

13. In the newly created entry (ftp-passive in this case) on Service List hit on Configuration icon.

Select Configuration

Select Configuration

14. On Service Configuration hit Add New and enter the following setting .

  1. Protocol = TCP
  2. Source Port = Any
  3. Destination Port = select Port range form 1024 to 65534

Hit ADD button and Save Changes to apply configuration.

Enter Service Details

Enter Service Details

15. To open firewall for this port range service navigate to Firewall module – > Packet Filter -> Configure Rules on Internal Networks to Zentyal (Local Inbound).

Configure Firewall Rules

Configure Firewall Rules

16. Click on ADD NEW and enter the following setting on this rule.

  1. Decision = ACCEPT
  2. Source = Any
  3. Service = select ftp-passive ( the service just created )
  4. Description = a short description of this rule
  5. Hit on ADD button then go above and Save Changes
Add a New Rule

Add a New Rule

Save New Rules

Save New Rules

Zentyal Firewall is now opened to receive incoming connection on ports above 1024 required by passive ftps clients on your local network segment.

If your Zentyal is not a Gateway ( in this case is not) but a internal server that offers services only to your inside local networks segments you should add this rules – open ports (ftp and ftp-passive) for External Networks to Zentyal and configure port forward from your edge router to Zentyal IP address in case you reside on a IP Private Space.

Step 5: Folder Mapping on FTP Shares

After all Zentyal FTP and Firewall configurations applied is time to do some folder mapping on FTP shares.

Mapping on Windows

17. On Windows 8.1 open Explorer to This PC and click on Add a Network Location ->Choose a custom network location -> Next.

FTP Folder Mapping on Windows

FTP Folder Mapping on Windows

18. On the location prompt type your Zentyal domain name prefixed by ftp protocol.

Add Network Location

Add Network Location

19. Enter a username and a name for this network location hit Finish and your ftp share will appear under Computer drives.

Add a User Name

Add a User Name

Enter Network Location

Enter Network Location

Verify Network Location

Verify Network Location

20. At the FTP dialog login enter desired credentials to login on FTP server.

Login FTP Share

Login FTP Share

FTP Share Folders

FTP Share Folders

21. To access ftp shares you can also use a browser like Mozilla Firefox or other browsers as well just by entering the DNS ftp Alias created earlier.

Access FTP Shares via Browser

Access FTP Shares via Browser

FTP Share Browser View

FTP Share Browser View

Other recommended programs to access ftp shares

WinSCP ( supports SFTP and FTP with SSL/TLS and SCP ) – only Windows Based systems.

  1. Download page : http://winscp.net/eng/download.php
Access FTP Share via WinSCP

Access FTP Share via WinSCP

Filezilla Client ( supports FTP with SSL/TLS and SFTP ) – Windows , Linux, Mac OS, Unix.

  1. Download page : https://filezilla-project.org/download.php
Access FTP Share via Filezilla

Access FTP Share via Filezilla

Mapping on Ubuntu

22. Open Nautilus file manager, hit Connect to Server ,enter Server Address ,supply your credentials and bookmark your mounted ftp share.

FTP Folder Mapping on Ubuntu

FTP Folder Mapping on Ubuntu

Bookmark FTP Share

Bookmark FTP Share

Mapping on CentOS

23. Enter FTP Server address in Nautilus file manager Location , supply your credentials and bookmark your mounted ftp share.

FTP Folder Mapping on CentOS

FTP Folder Mapping on CentOS

The same way you can also map samba or windows shares.

Now you have a full working network environment where users have access to their own files hosted on Zentyal 3.4 Server even if they are accessing from a Internal or External network despite on used Operating System.

Best Affordable Linux and WordPress Services For Your Business
Outsource Your Linux and WordPress Project and Get it Promptly Completed Remotely and Delivered Online.

If You Appreciate What We Do Here On TecMint, You Should Consider:

  1. Stay Connected to: Twitter | Facebook | Google Plus
  2. Subscribe to our email updates: Sign Up Now
  3. Get your own self-hosted blog with a Free Domain at ($3.45/month).
  4. Become a Supporter - Make a contribution via PayPal
  5. Support us by purchasing our premium books in PDF format.
  6. Support us by taking our online Linux courses

We are thankful for your never ending support.

Matei Cezar

I'am a computer addicted guy, a fan of open source and linux based system software, have about 4 years experience with Linux distributions desktop, servers and bash scripting.

Your name can also be listed here. Got a tip? Submit it here to become an TecMint author.

RedHat RHCE and RHCSA Certification Book
Linux Foundation LFCS and LFCE Certification Preparation Guide

You may also like...

6 Responses

  1. Robert says:

    Let me say first… Great tutorial!

    Now second, my question. Now that version 4.1 is the latest stable release, i can’t seem to find the package “zentyal-ftp” using apt-get?
    In all ways the package list is a bit shorter than first, but didn’s come to any problems besides ftp and mysql.

    Any idea how to install ftp in a proper way, i mean zo i have it shown up in the console to. If you know a way for mysql or phpmyadmin i would be very pleased to hear your opinion about how to use that in version 4.1 ( maby a bit offtopic, but still… )

    Thanks in advance!

    Greetings!

    • Matei Cezar says:

      Zentyal 4.1 has removed FTP server from their custom zentyal configuration! But you can still install, configure and use a variant of ftp server as standalone without shipping with zentya-ftp server, although you must manually configure the server only from command line, not by using zentyal web interface. Same this is valid for MySQL and phpmyadmin! Install, configure and manage them only from CLI!

  2. Matei Cezar says:

    Add a system user with his home path as the folder that you want to commonly share it: useradd your_ftp_user
    usermod -m -d /path/to/common/folder/ your_ftp_user

  3. Dave Henderson says:

    Very nice instruction set.

    I am searching on how to give access to a common folder via ftp from all users, such as the ‘www’ server folder, or ‘public dropbox’ etc.

    Any thoughts?

  4. Hammad says:

    hello brother..

    i am looking for a software which can control through centralize admin console.

    for instance, if my laptop is connected through wire and if tried to connect wireless at same time then system simply does not allow it until i unplugged my wire.

    any 3rd party server based software can be helpful.

    any idea?

  5. ashish bagayatkar says:

    Hi ,

    I have install mail server on Zentyal and wanted to use the open manage option for Ms-outlook.
    I have configure it on the server but it required one external interface on the server.
    To access the interface on public network I have NATed through the firewall.

    When I configured the interface as internal its get accessible on public IPI but when I configured the interface as external its become the not accessible on public IP.

    Please suggest how to configured this ?

    Regards
    Ashish B

Got something to say? Join the discussion.

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.