HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Server Operation (http://www.howtoforge.com/forums/forumdisplay.php?f=5)
-   -   ProFTPd Problems Logging in from outside network (http://www.howtoforge.com/forums/showthread.php?t=801)

Ran2004 10th October 2005 03:37

ProFTPd Problems Logging in from outside network
 
Ok, I've seen that people using ProFTPd have had problems when they logged in from outside of their own networks. To remedy this we use Active mode instead of Passive mode. I don't want to have to do this, though. Is there anyway workaround for ProFTPd that will allow me to use passive mode? Thanks!

Ran

falko 10th October 2005 12:32

I think it's a firewall issue. Did you try passive mode? Did it work?

Ran2004 10th October 2005 16:31

I can only login from outside the network IF I used active mode. When I use passive mode it tells me:

SmartFTP v1.5.990.11
Resolving host name "24.166.119.12"
Connecting to 24.166.119.12 Port: 21
Connected to 24.166.119.12.
220 FTP Server ready.
USER narayani
331 Password required for narayani.
PASS (hidden)
230 User narayani logged in.
SYST
215 UNIX Type: L8
FEAT
211-Features:
211-MDTM
211-REST STREAM
211-SIZE
211 End
TYPE I
200 Type set to I
REST 0
350 Restarting at 0. Send STORE or RETRIEVE to initiate transfer
PWD
257 "/" is current directory.
PASV
An established connection was aborted by the software in your host machine.
Server closed connection

I don't want to have to use active mode though, it's a slight inconvienence as any other site I login to used passive. Is there a way to change it so I can use passive?

falko 10th October 2005 17:17

Quote:

Originally Posted by Ran2004
I don't want to have to use active mode though, it's a slight inconvienence as any other site I login to used passive. Is there a way to change it so I can use passive?

I don't think it has to do with Proftpd. I still think that it's a firewall/router issue... :confused:

Ran2004 11th October 2005 19:23

I suppose that it's possible, I will take another look at the router settings when I go home later... I just don't know what else I can do, I mean, I forwarded port 21 to 192.168.15.101 (the adress of the server)...

themachine 15th October 2005 18:33

Passive Ftp
 
I would agree that this is a firewall issue. I run passive ProFTP like such:

/etc/proftpd.conf snippet

Code:

DefaultAddress    w.x.y.z
PassivePorts        30000 30050

So I have 50 ports open from 30000 - 30050 to allow for 50 simaltaneous ftp connections (subsitituting your IP of course for w.x.y.z). On my firewall, I just open up ports 30000 - 30050 going to that server.

iptables -A INPUT -d w.x.y.z -p tcp --dport 30000:30050 -j ACCEPT

Or on a personal firewall device... just do the usual port forwarding thang forwarding ports 30000-30050 to the internal IP AS WELL AS the standard ports 20/21 for ftp.

Then, once you connect you must initiate passive ftp unless the client automatically does:
Code:

ftp> passive
Passive mode on

Let me know if that helps, or if you have questions...

Ran2004 15th October 2005 22:10

Should the default address value be replaced with the local ip or the external ip? 192.168.15.101 or the other one... that I can't remember right now. Starts with a 24.

themachine 15th October 2005 22:19

Should be the IP that the Server is assigned.... so the internal IP 192.168.15.101.

Ran2004 16th October 2005 23:52

It worked wonderfully! Thank you!!!

themachine 17th October 2005 00:56

Quote:

Originally Posted by Ran2004
It worked wonderfully! Thank you!!!

Always love to here that! ;)


All times are GMT +2. The time now is 13:58.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.