By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

FTP on AWS using ALB

0

Hi All, I'm currently working on a Lift & Shift program. We have an existing FTP server in DC which needs to be moved to AWS. We proposed a solution by keeping the FTP server in a private subnet and exposed using an NLB(elastic IP assigned) which is provsioned in a public subnet. One of the reviewers made a comment about going for an AWS ALB and keep a WAF infront of this to protect. Existing proposal is to protect using NACL at Subnet level and SG at instance level.

Is it advisable to use an ALB to meet this requirement?

Thanks Suhas

Topics
Networking & Content Delivery
Tags
Elastic Load Balancing
Language
English
SVen
asked 9 months ago830 views
2 Answers
1
Accepted Answer

Hello.
ALB is a load balancer that operates at Layer 7.
Only HTTP and HTTPS can be used as ALB protocols.
Therefore, it is not possible to set ALB at the front of the FTP server.
https://docs.aws.amazon.com/elasticloadbalancing/latest/application/introduction.html

It is also not recommended to FTP to the public.
If you do, we recommend using Site to Site VPN or Client VPN to encrypt your communications.
Setting up a VPN allows connections using private IP addresses.
https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/what-is.html
https://docs.aws.amazon.com/vpn/latest/s2svpn/VPC_VPN.html

profile picture
EXPERT
Riku_Kobayashi
answered 9 months ago
0

Thanks Riku for your response on this, this is my understanding as well. In this case we can't have a site to site VPN - there are solutions under review to replace this legacy solution.

SVen
answered 9 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content