Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 28th June 2013, 19:31
razor7 razor7 is offline
Member
 
Join Date: May 2007
Posts: 47
Thanks: 6
Thanked 1 Time in 1 Post
Default FTP TLS enabled but no extenral connection

Hi, if I try to connect to FTP from WAN using Explicit TLS, FileZilla times out and an error is thrown.

Is there anything I can do to fix it?

Quote:
...
Reply: 200 TYPE is now 8-bit binary
Command: PASV
Reply: 227 Entering Passive Mode (192,168,1,77,156,205)
Status: The server sent a passive reply with an unroutable address. Using server address instead.
Command: MLSD
Error: Conection timeout
Error: Error listing directory contents
Thanks
Reply With Quote
Sponsored Links
  #2  
Old 1st July 2013, 07:28
tecnoplaga tecnoplaga is offline
Junior Member
 
Join Date: Sep 2007
Posts: 5
Thanks: 0
Thanked 1 Time in 1 Post
Default

I think it's a firewall issue, disable it and test.

implicit TLS uses ports 990 and 980

If CentOS 6 + you can disable it on:

# System-config-firewall-tui
Reply With Quote
  #3  
Old 1st July 2013, 14:33
razor7 razor7 is offline
Member
 
Join Date: May 2007
Posts: 47
Thanks: 6
Thanked 1 Time in 1 Post
Default

Hi, thanks a lot!, I have enabled ports 980 and 990 in ISPConfig Firewall through System->Firewall option but no luck, still can't access FTP server remotely using implicit TLS nor ecxplicit!

I'm using Ubuntu server 12.04 LTS.

Thanks in advise!

EDIT: syslog file says that explicit FTP over SSL/TLS was ok, but FileZilla got the same timeout error

Quote:
...
Jul 1 11:32:57 rusios pure-ftpd: (?@201.253.216.XXX) [INFO] New connection from 201.253.216.XXX
Jul 1 11:32:57 rusios pure-ftpd: (?@201.253.216.XXX) [INFO] SSL/TLS: Enabled TLSv1/SSLv3 with DHE-RSA-AES128-SHA256, 128 secret bits cipher
Jul 1 11:32:57 rusios pure-ftpd: (?@201.253.216.XXX) [INFO] XXXX_XXXX is now logged in
...
Jul 1 11:36:39 rusios pure-ftpd: (?@201.253.216.XXX) [INFO] New connection from 201.253.216.XXX
Jul 1 11:36:39 rusios pure-ftpd: (?@201.253.216.XXX) [INFO] SSL/TLS: Enabled TLSv1/SSLv3 with DHE-RSA-AES128-SHA256, 128 secret bits cipher
Jul 1 11:36:39 rusios pure-ftpd: (?@201.253.216.XXX) [INFO] XXXX_XXXX is now logged in
...

Last edited by razor7; 1st July 2013 at 16:44.
Reply With Quote
  #4  
Old 1st July 2013, 18:10
tecnoplaga tecnoplaga is offline
Junior Member
 
Join Date: Sep 2007
Posts: 5
Thanks: 0
Thanked 1 Time in 1 Post
Default

Quote:
Originally Posted by razor7 View Post
Hi, thanks a lot!, I have enabled ports 980 and 990 in ISPConfig Firewall through System->Firewall option but no luck, still can't access FTP server remotely using implicit TLS nor ecxplicit!

I'm using Ubuntu server 12.04 LTS.

Thanks in advise!

EDIT: syslog file says that explicit FTP over SSL/TLS was ok, but FileZilla got the same timeout error
I had the same problem and to find the error, temporarily disable the firewall, then I could see the necessary ports.

# sudo ufw disable
Reply With Quote
  #5  
Old 1st July 2013, 18:34
razor7 razor7 is offline
Member
 
Join Date: May 2007
Posts: 47
Thanks: 6
Thanked 1 Time in 1 Post
 
Default

Bingo! in order to solve my problem, I had to configure passive ports in file /etc/pure-ftpd/conf/PassivePortRange, this way.
Quote:
# sudo nano /etc/pure-ftpd/conf/PassivePortRange
Then entered port range 50000 50050 (without any colon) and rebooted pure-ftpd

Quote:
# sudo /etc/init.d/pure-ftpd-mysql restart
Then, in my NAT router, I have set the port range 50000-50050 to point to the LAN server IP.

That did the trick for me.

Best regards!

Last edited by razor7; 2nd July 2013 at 16:47.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
haproxy with stunnel problem abubin Server Operation 6 10th April 2012 15:08
Incoming Emails abintipl Installation/Configuration 3 11th May 2011 09:03
ISPConfig 3 Send/Receive mail not working. Acidut General 6 4th April 2010 11:24
Mail not working epicuniversal General 5 13th June 2009 08:24
debian etch courier pop3 issue docean Installation/Configuration 6 20th March 2008 15:38


All times are GMT +2. The time now is 03:58.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.