FREENAS + DDNA + FTP = I'm Lost

[HellaSancho]

Hey All,

I'm not finding a concise guide or discussion walking through this process so...

I'm VERY new to networking in general and I'm attempting to setup an FTP server to be accessed outside of my local network. I have a general idea of what I need to do to get this done but I'm getting a bit lost in a slew of failed attempts... So here's where I am:

I set up my shared volume on my local network. All's well there. I then set up an ftp server in freenas which works fine via my LAN. I now want to be able to access my ftp server outside of the network through a domain I have obtained from no-ip.

Questions:

How do I go about doing this? What IP address do I give no-ip as a host? What ports do I forward to allow traffic between my FTP server and the outside world? How do I setup freenas to update the host IP no-ip uses to point to my ftp server?

Thanks for any help!

(PS: I'm trying to keep hardware agnostic if possible to increase the usefulness of this discussion)

 

[tingo]

no-ip (and other dynamic DNS services) need your public IP address, generally the IP address on the outside interface of your firewall (substitute "router" or "modem" here, if applicable).
Generally, it is useful to run a DynDNS client on a machine inside of your network, which takes care of updating no-ip (or other DynDNS service) if your public ip address changes.
FreeNAS has a DynDNS client built-in, see the documentation: http://doc.freenas.org/index.php/Dynamic_DNS


Port forwarding (often also known as network address translation - NAT) is a different subject. In general, you will need to figure out which port a protocol uses, then forward those ports in your firewall / router (how to do that is dependent of the specific router or firewall) to the (internal) ip address of the machine running the service(s) youwant to expose on the internet. The ftp protocol is not a very good protocol for NATing, because it uses random high ports for the data connectiin, in addition to port 21 (the control conection). You need what is known as a "ftp proxy" on your router / firewall to get a ftp server working without fuss / changes behind NAT. It is also possible to run ftp in "passive mode", but that must be done from the client side.

Lastly, are you sure you want to run a ftp server on the internet? FTP is a very old protocol, and in it's basic configuration it sends all information (including usernames and passwords) as clear text; that means that anyone who manages to listen in on either the server or client side of an ftp transaction can read all usernames and passwords.
I suggest you use ssh /scp or even FTPS instead.