View Full Version : Cant login to FTP
british.assassin
4th October 2006, 23:45
Hi
I have just set up my server according to this guide: http://howtoforge.com/perfect_setup_centos_4.3
The problem I am having is that I can not login to ftp to access my webspace. I can access it via the web-ftp thing fine, but when I try to connect via my ftp client, is keeps saying "connection failed (connection lost)"
Does anyone have anyidea why this is happening?
Thanks,
british.assassin
bluethunder82
5th October 2006, 06:29
Which ftp server are you running? vsftp or proftpd. Your system will install vsftp by default but the perfect setup recommends changing it.
I use vsftp:
Without knowing much else about your problem make sure your .conf file has local_enable=YES uncommented.
Also, are you using web[ID]_username?
I'm sure once we know more someone else can help you or I can suggest something else.
till
5th October 2006, 10:48
WebFTP uses the normaql FTP commands, this means FTP is working on your server. Please check your firewall if it allows FTP. Have you tried active and passive FTP mode?
british.assassin
6th October 2006, 10:59
Which ftp server are you running? vsftp or proftpd. Your system will install vsftp by default but the perfect setup recommends changing it.
I use vsftp:
Without knowing much else about your problem make sure your .conf file has local_enable=YES uncommented.
Also, are you using web[ID]_username?
I'm sure once we know more someone else can help you or I can suggest something else.
I use proftpd for my ftp server and I am using [domain]_username for the username (I changed it to this in the ISPConfig settings)
WebFTP uses the normaql FTP commands, this means FTP is working on your server. Please check your firewall if it allows FTP. Have you tried active and passive FTP mode?
I am using the standard ISPConfig firewall which has port 21 TCP open. I tried using both passive and active when connecting, but they both came up with the same error.
british.assassin
till
6th October 2006, 11:02
Please post the output of:
netsat -tap
british.assassin
6th October 2006, 20:36
Please post the output of:
netsat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 *:32768 *:* LISTEN 2186/rpc.statd
tcp 0 0 *:51234 *:* LISTEN 4684/server_linux
tcp 0 0 *:14534 *:* LISTEN 4684/server_linux
tcp 0 0 *:mysql *:* LISTEN 12425/mysqld
tcp 0 0 *:sunrpc *:* LISTEN 2167/portmap
tcp 0 0 *:10000 *:* LISTEN 4543/perl
tcp 0 0 *:81 *:* LISTEN 3041/ispconfig_http
tcp 0 0 *:ftp *:* LISTEN 3533/proftpd: (acce
tcp 0 0 C0A80002.tipt.aol.co:domain *:* LISTEN 3161/named
tcp 0 0 server.evowebs.co.uk:domain *:* LISTEN 3161/named
tcp 0 0 *:ipp *:* LISTEN 10507/cupsd
tcp 0 0 *:smtp *:* LISTEN 6936/master
tcp 0 0 server.evowebs.co.uk:rndc *:* LISTEN 3161/named
tcp 0 0 *:imaps *:* LISTEN 11864/dovecot
tcp 0 0 *:pop3s *:* LISTEN 11864/dovecot
tcp 0 0 *:pop3 *:* LISTEN 11864/dovecot
tcp 0 0 *:imap *:* LISTEN 11864/dovecot
tcp 0 0 *:http *:* LISTEN 3064/httpd
tcp 0 0 *:ssh *:* LISTEN 10958/sshd
tcp 0 0 *:https *:* LISTEN 3064/httpd
tcp 0 0 C0A80002.tipt.aol.com:ssh C0A80004.tipt.aol.com:1375 ESTABLISHED 12283/1
falko
7th October 2006, 13:02
Is your server located in your LAN? If so, are you tgrying to connect from inside or outside your LAN?
What's the output of iptables -L? Did you disable SELinux?
british.assassin
7th October 2006, 19:38
Is your server located in your LAN? If so, are you tgrying to connect from inside or outside your LAN?
What's the output of iptables -L? Did you disable SELinux?
My server is located in my LAN and I am trying to connect to it from inside my LAN. I did disable SELinux. The output of iptables -L is:
Chain INPUT (policy DROP)
target prot opt source destination
DROP tcp -- anywhere 127.0.0.0/8
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
DROP all -- BASE-ADDRESS.MCAST.NET/4 anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
DROP all -- anywhere anywhere
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
DROP all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
Chain INT_IN (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
DROP all -- anywhere anywhere
Chain INT_OUT (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain PAROLE (11 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
Chain PUB_IN (4 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp echo-reply
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp echo-request
PAROLE tcp -- anywhere anywhere tcp dpt:ftp
PAROLE tcp -- anywhere anywhere tcp dpt:ssh
PAROLE tcp -- anywhere anywhere tcp dpt:smtp
PAROLE tcp -- anywhere anywhere tcp dpt:domain
PAROLE tcp -- anywhere anywhere tcp dpt:http
PAROLE tcp -- anywhere anywhere tcp dpt:81
PAROLE tcp -- anywhere anywhere tcp dpt:pop3
PAROLE tcp -- anywhere anywhere tcp dpt:https
PAROLE tcp -- anywhere anywhere tcp dpt:10000
PAROLE tcp -- anywhere anywhere tcp dpt:14534
PAROLE tcp -- anywhere anywhere tcp dpt:51234
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:8767
DROP icmp -- anywhere anywhere
DROP all -- anywhere anywhere
Chain PUB_OUT (4 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
falko
8th October 2006, 15:41
What's in /etc/selinux/config?
What happens when you disable the firewall?
Maybe this thread helps you: http://www.howtoforge.com/forums/showthread.php?t=196
british.assassin
11th October 2006, 21:57
here is the contents of /ets/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted
I also tried disabling the ISPConfig firewall and then restating proftd but still could not connect.
I read through the thread you mentioned but none of the fixes worked.
I am completely stumped.
Before using ISPConfig, I was using webmin + virtualmin GPL and the ftp worked fine (i set up the server according to your CentOS 4.3 guide, but installed virtualmin instead of ISPConfig). Then i decided to give ISPConfig a go so i wiped the drive, to start from fresh, followed the guide, installed ISPConfig, but now it does not work, even though i went through the same setup process. Very strange ...
british.assassin
till
12th October 2006, 10:24
As WebFTP works in your setup, these problems are not related to your FTP setup. They muste be related to your firewall. Please disable the firewall first and then post the output of:
iptables -L
vBulletin® v3.8.7, Copyright ©2000-2012, vBulletin Solutions, Inc.