Set Up SFTP/Applicaion Server On Azure VM behind Firewall
Scenario:
Set Up SFTP Server On Azure VM behind FortiGate Firewall.
1. Business request
Set up a file transfer server with public internet access.
2. security concern
The common ways are FTP, FTPS, or SFTP:
The FTPS requires applying the certificates to the FTP service, So I deceived to go for SFTP.
SolarWinds SFTP & SCP Server is a Free SFTP server App.
3. Deployment
3.1 Set up SFTP on VM
Download the software to Server and install it
https://www.solarwinds.com/free-tools/free-sftp-server
Redirect the Root Directory
Create user to login
verify the SFTP service is running on localhost
3.2 Config Host firewall and Azure NSG to allow SFTP service
Add Port 22 TCP into host firewallAdd Port 22 TCP into Azure NSG
Verify the SFTP service is reachable for internal user
3.3 Config Fortigate firewall to allow external access
Firewall Port Fording
Firewall policy rule with Whitelist control
Test SFTP connection from approved external IP
Contributed by Trevor Shi.
Comments