Lets start with my experience on FTP server for Linux. To start configuring FTP on a linux machine, the discussion would be helpful to you. Once we planned a FTP server solution for employees to help them sharing documents with other employees inside intranet and those who were working remotely and our partners. So what I did, went to the server setting of my Redhat Server and updated installation for vsftpd service, the daemon or self invoking process that runs FTP on the server. It asked for the Redhat CD and I entered it inside CD ROM. Once the vsftpd installation was finished from server settings window. After the installation of vsftpd, I started the service using command service vsftpd start on the linux terminal or command line interface. And checked the status of the service by using service vsftpd status command. The service was running successfully. I went to the address bar and checked ftp://localhost and shown me some public folder of the FTP server. I went to the configuration file for vsftpd service called vsftpd.conf and edited it for anonymous connections and disallowed them by selecting NO. Now what I required was FTP accounts for my users. So I went to System>>Administration>>Users & Groups and created few users and put them into FTP group. Then I went to some other client on the network which was my Lenovo Laptop and tried to access FTP Server running on my linux box. I typed the IP address of the linux machine on my windows explorer address bar using ftp protocol ie ftp://192.168.1.5 and waited for the FTP server folder to browse and ask for username and password. But guess what, nothing happened. I went to my server and disabled my firewall called iptables running on the ftp service. Again tested , again failed as I need to FTP access within LAN network on my Gateway Security Device, called ZyWALL or network firewall. Tested again and this time I was successful in getting the screen asking for username and password. I entered the username and password, I created for my self and finally got the folder, that was created by in /home diectory while creating user. The problem I faced was during browsing files using FTP client like Core FTP on my laptop. While browsing /home/puneet folder, I was not restricted to it and can go to home and / folders easily and see the files of other users inside the home directory. This was a challenge for me. So I went into my CLI on redhat box and checked for file etc/vsftpd/chroot.list and added my usernames to the file(each at next line) to restrict them to entered directories of other users or home directory. In fact I have jailed them inside their own directory and no command would change their directory while browsing and connecting from FTP clients like FileZilla, Core FTP or Cute FTP or SFTP. Later I mapped private IP 192.168.1.5 to static public IP address, that was running on the 2nd WAN port of my Security Gateway. My server was connected to the port that was under the DMZ zone to keep it separate from my LAN network. I created 1 to 1 NAT mapping (192.168.1.5 59.x.x.x). Let me remind that both my server and client were running on different subnets. My client IP address was 192.168.100.5. After mapping private IP to the public IP address for port 21, I allowed WAN to LAN connections through my firewall to publish FTP to my outside employees and partners. Assigned a subdomain ftp.domain.com to my public IP for FTP from my website control panel A records to make FTP server access easy using domain name. Now everybody was able to access FTP server with ftp://ftp.extranetworld.com and by entering therir username and passwords with a Read/Write Acces to their home user /home/user directory. We managed all other configuration from vsftpd.conf like allowing chroot users. It might be possible, if the people sitting inside same LAN network where server is hosted might not access FTP server with public IP. To solve that you need to an entry to your Gateway FQDN for opening LAN IP address for ftp.extranetworld.com . Its the easy way. Other way could be to keep your server and LAN at different public IP’s. NAT loopback is also another way to access server running on internal network with mapped public IP, and the rule automatically created while setting up vitual server rules in Security Gateway device. I have done lot of RnD on it and taken help from my friends and have also taken help from my friends Gurnek Singh Thiara and Moh. Adeel for setting up intranet FTP successfully for extranetworld.com.