I have a machine, which is the Host and has HAProxy installed in it and working. Then I have a Guest KVM virtual machine running inside the Host with an IP 192.168.122.152. I installed an FTP server in the Guest machine with VSFTPD.

From the Host, if I try the command $ ftp -p 192.168.122.152, works perfectly and I can connect to the Guest FTP. I need to remark that this FTP is configured as passive, but both passive and active connections are working from the Host.

This is an extract of part of /etc/vsftpd.conf in the Guest:

# Passive mode
connect_from_port_20=NO
tcp_wrappers=YES
listen_address=192.168.122.152
pasv_enable=YES
pasv_promiscuous=NO
port_enable=YES
port_promiscuous=NO
pasv_max_port=10000
pasv_min_port=10250

Now it's time to make it accessible from outside, so I configure /etc/haproxy/haproxy.cfg like this:

listen FTP_Default *:21
  server ftp01 192.168.122.152 check port 21 inter 10s rise 1 fall 2

listen FTP_Range *:10000-10250
  server ftp01 192.168.122.152 check port 21 inter 10s rise 1 fall 2

But if I try to connect from other machine in internet $ ftp -p $PUBLICIP, it only responds: Connected to <PUBLICIP>, but it doesn't ask for the login and password.

Something in the HAProxy config must be wrong, because it's the only point where it fails. By the way, I tried to adapt my configuration to this one in this blog.

Thanks.