niels Posted November 2, 2010

Hey everybody, I have some problems connecting to my FTP Server outside my LAN. I'm using Filezilla with FTPES and it was working fine till my provider found out I was running an FTP Server and they block all the ports below 1024. I can get a connection with my server. But because I'm using the FTPES protocol I know the protocol is using a second data channel and Filezilla loses track of the server after login and can't use the LIST command. At home I have a Linksys WRT120N router. Does anybody know how I can solve this? Thanks in advance.

Infiltrator Posted November 3, 2010 (edited)

You have two options:

1. use an encrypted FTP server and change its default port to a higher port or above 1024
2. or use SSH to tunnel any FTP traffic you want, also make sure to change the default SSH port to something above 1024.

manuel Posted November 3, 2010

Don't you mean FTPS? I have not known there to be an "E" in it anywhere.

Infiltrator Posted November 3, 2010

> don't you mean FTPS? I have not known there to be an "E" in it anywhere.

Even though the S stands for "secure", it's still encrypting the connection between the client and the server side. But yeah, it should've been FTPS.

niels Posted November 4, 2010

No, I meant FTPES; the E stands for Explicit TLS/SSL. I changed the server so I can use the normal FTPS. But it still won't work!

This is my vsftpd.conf file:

    #GLOBAL FTP SETTINGS
    listen=YES
    chmod_enable=NO
    use_localtime=YES
    ftpd_banner=Welkom on Niels Home File Server
    connect_from_port_20=YES
    hide_ids=YES
    #USER SETTINGS
    #ANON
    anonymous_enable=NO
    anon_world_readable_only=NO
    #LOCAL
    local_enable=YES
    chroot_local_user=YES
    passwd_chroot_enable=YES
    write_enable=YES
    # SSL SETTINGS
    ssl_enable=YES
    implicit_ssl=YES
    force_local_data_ssl=YES
    force_local_logins_ssl=YES
    rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
    strict_ssl_read_eof=YES
    strict_ssl_write_shutdown=YES
    rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
    #LOG FILE SETTINGS
    log_ftp_protocol=YES
    debug_ssl=YES
    dual_log_enable=YES
    xferlog_enable=YES
    xferlog_std_format=YES
    #PASV SETTINGS
    pasv_enable=YES
    pasv_addr_resolve=YES
    pasv_min_port=6000
    pasv_max_port=6050
    pasv_address=host.dyndns.org
    pasv_promiscuous=YES

When I connect with Filezilla I get the next error message:

    .....
    Response: 200 Switching to Binary mode.
    Command: PASV
    Response: 227 Entering Passive Mode (84,136,18,180,23,115).
    Command: LIST
    Error: GnuTLS error -53: Error in the push function.
    Error: Connection timed out
    Error: Failed to retrieve directory listing

and the server log mentions the following:

    Fri Nov 5 00:42:52 2010 [pid 1] [niels] OK LOGIN: Client "193.190.253.146"
    Fri Nov 5 00:42:52 2010 [pid 3] [niels] FTP response: Client "193.190.253.146", "230 Login successful."
    Fri Nov 5 00:42:52 2010 [pid 3] [niels] FTP command: Client "193.190.253.146", "OPTS UTF8 ON"
    Fri Nov 5 00:42:52 2010 [pid 3] [niels] FTP response: Client "193.190.253.146", "200 Always in UTF8 mode."
    Fri Nov 5 00:42:52 2010 [pid 3] [niels] FTP command: Client "193.190.253.146", "PBSZ 0"
    Fri Nov 5 00:42:52 2010 [pid 3] [niels] FTP response: Client "193.190.253.146", "200 PBSZ set to 0."
    Fri Nov 5 00:42:52 2010 [pid 3] [niels] FTP command: Client "193.190.253.146", "PROT P"
    Fri Nov 5 00:42:52 2010 [pid 3] [niels] FTP response: Client "193.190.253.146", "200 PROT now Private."
    Fri Nov 5 00:42:52 2010 [pid 3] [niels] FTP command: Client "193.190.253.146", "PWD"
    Fri Nov 5 00:42:52 2010 [pid 3] [niels] FTP response: Client "193.190.253.146", "257 "/""
    Fri Nov 5 00:42:52 2010 [pid 3] [niels] FTP command: Client "193.190.253.146", "TYPE I"
    Fri Nov 5 00:42:52 2010 [pid 3] [niels] FTP response: Client "193.190.253.146", "200 Switching to Binary mode."
    Fri Nov 5 00:42:52 2010 [pid 3] [niels] FTP command: Client "193.190.253.146", "PASV"
    Fri Nov 5 00:42:52 2010 [pid 3] [niels] FTP response: Client "193.190.253.146", "227 Entering Passive Mode (84,136,18,180,23,115)."
    Fri Nov 5 00:42:52 2010 [pid 3] [niels] FTP command: Client "193.190.253.146", "LIST"
    Fri Nov 5 00:43:14 2010 [pid 3] [niels] FTP response: Client "193.190.253.146", "425 Failed to establish connection."
    Fri Nov 5 00:43:14 2010 [pid 2] [niels] DEBUG: Client "193.190.253.146", "Connection terminated without SSL shutdown - buggy client?"
    Fri Nov 5 00:43:52 2010 [pid 3] [niels] FTP response: Client "193.190.253.146", "425 Failed to establish connection."
    Fri Nov 5 00:43:52 2010 [pid 2] [niels] DEBUG: Client "193.190.253.146", "Connection terminated without SSL shutdown - buggy client?"

Anybody know how to solve this? Thx

Infiltrator Posted November 5, 2010

Are you able to use another FTP client software? Just for testing purposes. If you are able to connect to your FTP server with another client software, then it could mean that there are some bad settings within FTPES.

niels Posted November 5, 2010

No, I tried using FireFTP, but with the current file I get the following result in my vsftpd.log. No problems logging in, but I can't get any further than that.

    Fri Nov 5 15:42:22 2010 [pid 3] [niels] FTP command: Client "192.168.1.105", "PWD"
    Fri Nov 5 15:42:22 2010 [pid 3] [niels] FTP response: Client "192.168.1.105", "257 "/""
    Fri Nov 5 15:42:22 2010 [pid 3] [niels] FTP command: Client "192.168.1.105", "TYPE A"
    Fri Nov 5 15:42:22 2010 [pid 3] [niels] FTP response: Client "192.168.1.105", "200 Switching to ASCII mode."
    Fri Nov 5 15:42:22 2010 [pid 3] [niels] FTP command: Client "192.168.1.105", "PROT P"
    Fri Nov 5 15:42:22 2010 [pid 3] [niels] FTP response: Client "192.168.1.105", "200 PROT now Private."
    Fri Nov 5 15:42:22 2010 [pid 3] [niels] FTP command: Client "192.168.1.105", "PASV"
    Fri Nov 5 15:42:22 2010 [pid 3] [niels] FTP response: Client "192.168.1.105", "227 Entering Passive Mode (84,136,18,180,23,137)."
    Fri Nov 5 15:42:22 2010 [pid 3] [niels] FTP command: Client "192.168.1.105", "LIST"
    Fri Nov 5 15:42:22 2010 [pid 3] [niels] FTP response: Client "192.168.1.105", "150 Here comes the directory listing."
    Fri Nov 5 15:42:22 2010 [pid 2] [niels] DEBUG: Client "192.168.1.105", "SSL version: TLSv1/SSLv3, SSL cipher: DES-CBC3-SHA, not reused, no cert"
    Fri Nov 5 15:42:22 2010 [pid 2] [niels] DEBUG: Client "192.168.1.105", "No SSL session reuse on data channel."
    Fri Nov 5 15:42:22 2010 [pid 2] [niels] DEBUG: Client "192.168.1.105", "SSL shutdown state is: NONE"
    Fri Nov 5 15:42:22 2010 [pid 2] [niels] DEBUG: Client "192.168.1.105", "SSL shutdown state is: SSL_SENT_SHUTDOWN"
    Fri Nov 5 15:42:58 2010 [pid 2] [niels] DEBUG: Client "192.168.1.105", "SSL shutdown state is: SSL_SENT_SHUTDOWN"
    Fri Nov 5 15:42:58 2010 [pid 2] [niels] DEBUG: Client "192.168.1.105", "SSL shutdown state is: SSL_SENT_SHUTDOWN"
    Fri Nov 5 15:42:58 2010 [pid 2] [niels] DEBUG: Client "192.168.1.105", "SSL ret: 0, SSL error: error:00000000:lib(0):func(0):reason(0), errno: 0"
    Fri Nov 5 15:42:58 2010 [pid 3] [niels] FTP response: Client "192.168.1.105", "522 SSL connection failed; session reuse required: see require_ssl_reuse option in vsftpd.conf man page"
    Fri Nov 5 15:43:21 2010 [pid 3] [niels] FTP command: Client "192.168.1.105", "NOOP"
    Fri Nov 5 15:43:21 2010 [pid 3] [niels] FTP response: Client "192.168.1.105", "200 NOOP ok."

niels Posted November 5, 2010

I solved the problem. Because my FTP server is behind a router I had to adjust the PASV settings, but I specified a little bit too much. I got everything working fine now with these settings. There is still something a bit strange: I can connect perfectly with FileZilla, but FireFTP is giving me some trouble.

    #GLOBAL FTP SETTINGS
    listen=YES
    chmod_enable=NO
    use_localtime=YES
    ftpd_banner=Welkom on Niels Home File Server
    connect_from_port_20=YES
    hide_ids=YES
    #USER SETTINGS
    #ANON
    anonymous_enable=NO
    anon_world_readable_only=NO
    #LOCAL
    local_enable=YES
    chroot_local_user=YES
    passwd_chroot_enable=YES
    write_enable=YES
    # SSL SETTINGS
    ssl_enable=YES
    require_ssl_reuse=YES
    implicit_ssl=YES
    rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
    strict_ssl_read_eof=YES
    strict_ssl_write_shutdown=YES
    rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
    #PASV SETTINGS
    pasv_min_port=6000
    pasv_max_port=6050
    #LOG FILE SETTINGS
    log_ftp_protocol=YES
    debug_ssl=YES
    dual_log_enable=YES
    xferlog_enable=YES
    xferlog_std_format=YES

Thx for all the help but this topic is SOLVED
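Added example, not part of the thread or of vsftpd: a Python check that decodes the data port each 227 reply advertises (the last two numbers are port = p1*256 + p2, so 23,115 in the logs above is port 6003), compares it with the pasv_min_port/pasv_max_port range that has to be forwarded on the router, and records the last data-channel reply code that followed. The log lines are constructed with documentation addresses, and `decode_pasv` and `audit` are names chosen here.

```python
import re

# Constructed log lines in the vsftpd.log format quoted in the thread
# (documentation addresses; not the poster's real log).
SAMPLE_LOG = """\
Fri Nov 5 00:42:52 2010 [pid 3] [demo] FTP response: Client "198.51.100.7", "227 Entering Passive Mode (203,0,113,10,23,115)."
Fri Nov 5 00:42:52 2010 [pid 3] [demo] FTP command: Client "198.51.100.7", "LIST"
Fri Nov 5 00:43:14 2010 [pid 3] [demo] FTP response: Client "198.51.100.7", "425 Failed to establish connection."
Fri Nov 5 15:42:22 2010 [pid 3] [demo] FTP response: Client "198.51.100.8", "227 Entering Passive Mode (203,0,113,10,23,137)."
Fri Nov 5 15:42:22 2010 [pid 3] [demo] FTP response: Client "198.51.100.8", "150 Here comes the directory listing."
Fri Nov 5 15:42:58 2010 [pid 3] [demo] FTP response: Client "198.51.100.8", "522 SSL connection failed; session reuse required"
Fri Nov 5 16:00:01 2010 [pid 3] [demo] FTP response: Client "198.51.100.9", "227 Entering Passive Mode (203,0,113,10,4,1)."
Fri Nov 5 16:00:23 2010 [pid 3] [demo] FTP response: Client "198.51.100.9", "425 Failed to establish connection."
"""

LINE = re.compile(r'\[pid \d+\] \[[^\]]*\] FTP (?P<kind>command|response): '
                  r'Client "(?P<client>[^"]+)", "(?P<text>.*)"$')
PASV = re.compile(r'^227 .*\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)')
OUTCOME = ("150", "226", "425", "522")  # data-channel reply codes of interest

def decode_pasv(reply):
    """Return (ip, port) advertised in a 227 reply, or None if not a valid one."""
    m = PASV.match(reply)
    if not m:
        return None
    h = [int(x) for x in m.groups()]
    if any(v > 255 for v in h):
        return None
    return ".".join(map(str, h[:4])), h[4] * 256 + h[5]

def audit(log_text, pasv_min, pasv_max):
    """One finding per 227 reply: advertised endpoint, range check, last outcome code."""
    pending, findings = {}, []
    for raw in log_text.splitlines():
        m = LINE.search(raw)
        if not m or m["kind"] != "response":
            continue
        client, text = m["client"], m["text"]
        adv = decode_pasv(text)
        if adv:
            pending[client] = {"client": client, "ip": adv[0], "port": adv[1],
                               "in_range": pasv_min <= adv[1] <= pasv_max, "code": None}
            findings.append(pending[client])
        elif client in pending and text[:3] in OUTCOME:
            pending[client]["code"] = text[:3]  # a later 425/522 overrides an earlier 150
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG, 6000, 6050):
        print(finding)
```

A 425 with an in-range port means the data connection never reached the server, while a 522 after a 150 means the data channel connected but vsftpd rejected its TLS session.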