Installing FTP Server and Mapping FTP Directories in Zentyal PDC – Part 8

Samba shares are a excellent choice for enabling users with extra storage on Zentyal Server but SMB ( Server Message Block) protocol is designed to run on local network over TCP/IP protocol stack and NetBIOS. So, that disables users access on samba shares over a public network like Internet.

Install Mapping FTP Folders in Zentyal PDC
Install Mapping FTP Folders in Zentyal PDC

Here the FTP protocol comes in play…designed as a server-client architecture that runs only on TCP/IP, a FTP server provides a way for users to login using a username and a password, connect anonymously and encrypt data flow with some degree of security by using SSL/TLS and SFTP (over SSH).

Vsftpd package is the default FTP server in the Zentyal 3.4 Server Community Edition.

Requirements

  1. Install Zentyal PDC and Integrate Windows Machine
  2. Manage Zentyal PDC from Windows Machine

Step 1: Install FTP Server

1. To install FTP Server open Putty and connect through SSH protocol on your Zentyal 3.4 Server using server domain name or IP.

Connect to Server
Connect to Server

2. Login with root account and install Zentyal FTP server using ‘apt-get‘ package manager.

# apt-get install zentyal-ftp
Install FTP
Install FTP

3. After the package installation finishes open a browser and connect to Zentyal Web Admin Tool ( https://zentyal_IP ). Go to Module Status, check FTP module, hit Save Changes and Save.

Module States Configuration
Module States Configuration

Now your FTP Server is installed and enabled on Zentyal 3.4 PDC but don’t close the browser yet.

Step 2: Add DNS CNAME for Domain

Let’s add a DNS CNAME (alias ) for this domain name ( some programs can translate this DNS record directly into ftp protocol ).

4. On the same window navigate to DNS Module and click on Hostnames icon under your domain name.

ADD DNS CNAME
ADD DNS CNAME

5. On your Zentyal Host Name Record click on Alias icon.

Select Domain Alias
Select Domain Alias

6. Hit Add New button, enter “ftp” on Alias filed and click ADD button.

Enter FTP Alias
Enter FTP Alias

7. On right top corner hit Save Changes button and confirm with Save to apply settings.

Save Changes
Save Changes

8. Your DNS Alias has been added and you can test it with nslookup command on Remote Windows machine.

nslookup ftp.mydomain.com
Verify FTP Alias
Verify FTP Alias

Alternative you can check this record by running DNS Manager installed on Remote Windows Server Tools and verify Domain Zone.

Check FTP Record
Check FTP Record

Step 3: Setup FTP Configuration Server

9. Now is time to setup FTP configuration Server. Go to FTP Module and use the following configuration.

  1. Anonymous access = Disabled ( users without an account can’t login ).
  2. Check Personal Directories (self explained).
  3. Check Restrict to personal directories ( users can’t access path above their homes root ).
  4. SSL support = Allow SSL (FTPS Secure Sockets Layers encryption on FTP ).
FTP Setup
FTP Setup
FTP Configuration Settings
FTP Configuration Settings

10. Hit Change -> Save Changes and confirm with Save for enabling vsftp new configuration.

Step 4: Configure Firewall for FTP

Because we have configured Zentyal FTP Server to use SSL encryption some ports will be assigned dynamically by application layer, Zentyal Firewall by default won’t allow incoming ftp passive connections file transfers and directory listings required on ports above 1024 ( 1024 – 65534 ) so we need to open the whole port range.

11. To allow this port range first go to Network -> Services and click on Add New button.

Add New Service
Add New Service

12. On the new prompt enter “ftp-passive” string on in Service Name field, a service Description and click on ADD button.

Enter Service Name
Enter Service Name

13. In the newly created entry (ftp-passive in this case) on Service List hit on Configuration icon.

Select Configuration
Select Configuration

14. On Service Configuration hit Add New and enter the following setting .

  1. Protocol = TCP
  2. Source Port = Any
  3. Destination Port = select Port range form 1024 to 65534

Hit ADD button and Save Changes to apply configuration.

Enter Service Details
Enter Service Details

15. To open firewall for this port range service navigate to Firewall module – > Packet Filter -> Configure Rules on Internal Networks to Zentyal (Local Inbound).

Configure Firewall Rules
Configure Firewall Rules

16. Click on ADD NEW and enter the following setting on this rule.

  1. Decision = ACCEPT
  2. Source = Any
  3. Service = select ftp-passive ( the service just created )
  4. Description = a short description of this rule
  5. Hit on ADD button then go above and Save Changes
Add a New Rule
Add a New Rule
Save New Rules
Save New Rules

Zentyal Firewall is now opened to receive incoming connection on ports above 1024 required by passive ftps clients on your local network segment.

If your Zentyal is not a Gateway ( in this case is not) but a internal server that offers services only to your inside local networks segments you should add this rules – open ports (ftp and ftp-passive) for External Networks to Zentyal and configure port forward from your edge router to Zentyal IP address in case you reside on a IP Private Space.

Step 5: Folder Mapping on FTP Shares

After all Zentyal FTP and Firewall configurations applied is time to do some folder mapping on FTP shares.

Mapping on Windows

17. On Windows 8.1 open Explorer to This PC and click on Add a Network Location ->Choose a custom network location -> Next.

FTP Folder Mapping on Windows
FTP Folder Mapping on Windows

18. On the location prompt type your Zentyal domain name prefixed by ftp protocol.

Add Network Location
Add Network Location

19. Enter a username and a name for this network location hit Finish and your ftp share will appear under Computer drives.

Add a User Name
Add a User Name
Enter Network Location
Enter Network Location
Verify Network Location
Verify Network Location

20. At the FTP dialog login enter desired credentials to login on FTP server.

Login FTP Share
Login FTP Share
FTP Share Folders
FTP Share Folders

21. To access ftp shares you can also use a browser like Mozilla Firefox or other browsers as well just by entering the DNS ftp Alias created earlier.

Access FTP Shares via Browser
Access FTP Shares via Browser
FTP Share Browser View
FTP Share Browser View
Other recommended programs to access ftp shares

WinSCP ( supports SFTP and FTP with SSL/TLS and SCP ) – only Windows Based systems.

  1. Download page : http://winscp.net/eng/download.php
Access FTP Share via WinSCP
Access FTP Share via WinSCP

Filezilla Client ( supports FTP with SSL/TLS and SFTP ) – Windows , Linux, Mac OS, Unix.

  1. Download page : https://filezilla-project.org/download.php
Access FTP Share via Filezilla
Access FTP Share via Filezilla
Mapping on Ubuntu

22. Open Nautilus file manager, hit Connect to Server ,enter Server Address ,supply your credentials and bookmark your mounted ftp share.

FTP Folder Mapping on Ubuntu
FTP Folder Mapping on Ubuntu
Bookmark FTP Share
Bookmark FTP Share
Mapping on CentOS

23. Enter FTP Server address in Nautilus file manager Location , supply your credentials and bookmark your mounted ftp share.

FTP Folder Mapping on CentOS
FTP Folder Mapping on CentOS

The same way you can also map samba or windows shares.

Now you have a full working network environment where users have access to their own files hosted on Zentyal 3.4 Server even if they are accessing from a Internal or External network despite on used Operating System.

Hey TecMint readers,

Exciting news! Every month, our top blog commenters will have the chance to win fantastic rewards, like free Linux eBooks such as RHCE, RHCSA, LFCS, Learn Linux, and Awk, each worth $20!

Learn more about the contest and stand a chance to win by sharing your thoughts below!

Matei Cezar
I'am a computer addicted guy, a fan of open source and linux based system software, have about 4 years experience with Linux distributions desktop, servers and bash scripting.

Each tutorial at TecMint is created by a team of experienced Linux system administrators so that it meets our high-quality standards.

Join the TecMint Weekly Newsletter (More Than 156,129 Linux Enthusiasts Have Subscribed)
Was this article helpful? Please add a comment or buy me a coffee to show your appreciation.

6 Comments

Leave a Reply
  1. Let me say first… Great tutorial!

    Now second, my question. Now that version 4.1 is the latest stable release, i can’t seem to find the package “zentyal-ftp” using apt-get?
    In all ways the package list is a bit shorter than first, but didn’s come to any problems besides ftp and mysql.

    Any idea how to install ftp in a proper way, i mean zo i have it shown up in the console to. If you know a way for mysql or phpmyadmin i would be very pleased to hear your opinion about how to use that in version 4.1 ( maby a bit offtopic, but still… )

    Thanks in advance!

    Greetings!

    Reply
    • Zentyal 4.1 has removed FTP server from their custom zentyal configuration! But you can still install, configure and use a variant of ftp server as standalone without shipping with zentya-ftp server, although you must manually configure the server only from command line, not by using zentyal web interface. Same this is valid for MySQL and phpmyadmin! Install, configure and manage them only from CLI!

      Reply
  2. Add a system user with his home path as the folder that you want to commonly share it: useradd your_ftp_user
    usermod -m -d /path/to/common/folder/ your_ftp_user

    Reply
  3. Very nice instruction set.

    I am searching on how to give access to a common folder via ftp from all users, such as the ‘www’ server folder, or ‘public dropbox’ etc.

    Any thoughts?

    Reply
  4. hello brother..

    i am looking for a software which can control through centralize admin console.

    for instance, if my laptop is connected through wire and if tried to connect wireless at same time then system simply does not allow it until i unplugged my wire.

    any 3rd party server based software can be helpful.

    any idea?

    Reply
  5. Hi ,

    I have install mail server on Zentyal and wanted to use the open manage option for Ms-outlook.
    I have configure it on the server but it required one external interface on the server.
    To access the interface on public network I have NATed through the firewall.

    When I configured the interface as internal its get accessible on public IPI but when I configured the interface as external its become the not accessible on public IP.

    Please suggest how to configured this ?

    Regards
    Ashish B

    Reply

Got Something to Say? Join the Discussion...

Thank you for taking the time to share your thoughts with us. We appreciate your decision to leave a comment and value your contribution to the discussion. It's important to note that we moderate all comments in accordance with our comment policy to ensure a respectful and constructive conversation.

Rest assured that your email address will remain private and will not be published or shared with anyone. We prioritize the privacy and security of our users.