Proftpd Access outside of network

Discussion in 'Installation/Configuration' started by palkat, Sep 8, 2005.

  1. palkat

    palkat New Member

    I have done 2 fresh reinstalls of SUSE 9.3 and ISPCONFIG per online instructions. Everything is working but the ftp again.

    Within the local network ftping to the ISPConfig server via its physical IP address is no problem but when you try to ftp via outside the network either on my machines or remote computers you get the following error after your logged into the ftp server (and don't see a file list)
    ----------------
    SmartFTP v1.5.988.47
    Resolving host name "cryptchat.com"
    Connecting to 24.117.228.198 Port: 21
    Connected to cryptchat.com.
    220 ProFTPD 1.2.10 Server (ProFTPD Default Installation) [192.168.1.205]
    USER web1_shane
    331 Password required for web1_shane.
    PASS (hidden)
    230 User web1_shane logged in.
    SYST
    215 UNIX Type: L8
    FEAT
    211-Features:
    MDTM
    REST STREAM
    SIZE
    211 End
    PWD
    257 "/" is current directory.
    TYPE I
    200 Type set to I
    PASV
    227 Entering Passive Mode (192,168,1,205,4,58).
    Opening data connection to 192.168.1.205 Port: 1082
    LIST -aL
    0 bytes transferred. (N/A/s) (0 ms)
    Timeout (20s).
    Active Help: http://www.smartftp.com/support/kb/index.php/45
    Client closed the connection.
    Automatic failover of data connection mode from "Passive Mode (PASV)" to "Active Mode (PORT)".
    ----------------------

    Now i have bypassed my Linksys router - NO Change
    My router when pointed to my windows ftp server has no problems remotely

    --now under ispconfig "Services" it reads the ftp server is OFFLINE--

    Being i have reinstalled the whole linux server 3 times now and have read just about every thread on here about proftp i an still stuck.

    Can anyone help? seems like an internal linux issue.

    Would swithing ftp server programs help? if so how do you remove proftpd and install the other?

    What about VS-ftp?


    Thanks.
     
    Last edited: Sep 8, 2005
  2. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer


    I think switching to vsftpd wont help you. When ISPConfig shows your FTP-Server offline, it cant connect to it from localhost. Can you try to connect the FTP-Server from the shell on your server:

    Code:
    telnet localhost 21
    To close the FTP connection type quit.
     
  3. palkat

    palkat New Member

    Okay so today here is what I did in regaurd to above.

    Fresh install of Suse 9.3 pro per book
    I installed all the modules per instructions and stopped installation right after completing the ProFTPD.
    Then did the TELNET LOCALHOST 21 and got:
    -----------
    Trying 127.0.0.1...
    Connected to localhost.
    Excape character is '`]'
    220 ProFTPD 1.2.10 Server (proFTPD Defaul Installation) [127.0.0.1]
    -----------
    then i did a quit and it said:
    -----------
    221 Goodbye.
    Connection closed by foreign host.
    -----------

    That seemed okay, right?
    Then i tried to do an ANONYMOUS ftp with my software on another machine connection to the proftpd server via its machine physical ip and here is what i got:

    ------------
    SmartFTP v1.5.988.47
    Resolving host name "192.168.1.205"
    Connecting to 192.168.1.205 Port: 21
    Connected to 192.168.1.205.
    220 ProFTPD 1.2.10 Server (ProFTPD Default Installation) [192.168.1.205]
    USER anonymous
    331 Anonymous login ok, send your complete email address as your password.
    PASS (hidden)
    230 Anonymous access granted, restrictions apply.
    SYST
    215 UNIX Type: L8
    FEAT
    211-Features:
    MDTM
    REST STREAM
    SIZE
    211 End
    PWD
    257 "/" is current directory.
    TYPE I
    200 Type set to I
    PASV
    227 Entering Passive Mode (192,168,1,205,4,15).
    Opening data connection to 192.168.1.205 Port: 1039
    LIST -aL
    150 Opening ASCII mode data connection for file list
    117 bytes transferred. (7.61 KB/s) (15 ms)
    226 Transfer complete.
    --------------

    so that worked too, BUT then i tried to connect with again using my outside IP that my domains resolve to and back to it hanging on the LIST here is the log of that:

    --------------

    SmartFTP v1.5.988.47
    Resolving host name "cryptchat.com"
    Connecting to 24.117.228.198 Port: 21
    Connected to cryptchat.com.
    220 ProFTPD 1.2.10 Server (ProFTPD Default Installation) [192.168.1.205]
    USER anonymous
    331 Anonymous login ok, send your complete email address as your password.
    PASS (hidden)
    230 Anonymous access granted, restrictions apply.
    SYST
    215 UNIX Type: L8
    FEAT
    211-Features:
    MDTM
    REST STREAM
    SIZE
    211 End
    PWD
    257 "/" is current directory.
    TYPE I
    200 Type set to I
    PASV
    227 Entering Passive Mode (192,168,1,205,4,22).
    Opening data connection to 192.168.1.205 Port: 1046
    LIST -aL
    0 bytes transferred. (N/A/s) (0 ms)
    Timeout (20s).
    Active Help: http://www.smartftp.com/support/kb/index.php/45
    Client closed the connection.
    Automatic failover of data connection mode from "Passive Mode (PASV)" to "Active Mode (PORT)".
    -------------------

    So what i have learned....with NO ISPConfig installed yet, just the raw PROFTPD the problem is with the ProFTPD.

    So what would you all suggest now...to get the FTP to work outside of my network? I can't believe I am having such an issue.

    I appriciate all the help so far and don't mean to be such a pest on this but really need the ftp to funcion outside of my network. If anyone needs to access the machine to help I am open to that as well.
     
    Last edited: Sep 9, 2005
  4. palkat

    palkat New Member

    Got It!!!

    After 1.5 weeks and much trial and error we got it working.

    The problem was that the /etc/init.d/proftpd needed the following added to it:

    MasqueradeAddress ftp.mydomain.com # using a DNS name
    MasqueradeAddress 123.45.67.89 # using an IP address

    PassivePorts 60000 65535

    Then we had to setup another forward in the router, to forward all TCP request for port range 60000~65535 to the proftp server.

    Now out side traffic can get a LIST. turns out using the PROFTPD.CONF per instructions it did not use the MasqueradeAdrdress and was sending the proftpd servers physical internal IP to the clients ftp program so out side of our network that IP is useless.

    Thanks again for EVEYONE's help, I so glad to have found the simple solution.
     
  5. palkat

    palkat New Member

    IM back...ugh!

    Okay well all the above did work...but now all of a sudden (not a single thing has changed on the ispconfig server) outside traffic can log in but does NOT get a list it just times out.

    out side traffic can telnet connect fine.

    inside network trafic can pull a list in ftp clients just fine too..

    any input?

    thanks!
     

Share This Page