Hello!

So, I'm so tired to googling to solve my problem. Please, give me some advice.

I'm trying to access to my ftp running on Ubuntu, installed on BBB. (Beaglebone Black which is small MCU) Currently, BBB and my desktop(win7) are connected to Comcast router through ethernet cable. In my vsftpd.conf file,

listen=YES
local_enable=YES
write_enable=YES
connect_from_port_20=NO
pam_service_name=ftp
listen_port=2200
ftp_data_port=2201
pasv_enable=YES
pasv_min_port=50000
pasv_max_port=50010

and I did port forwarding to open port 2200 and 2201.(Also, 21 for just in case.) Then, enable all ftp ports with "sudo ufw allow ftp".

I can access to ftp from my desktop, ftp://xx.xx.xx.xx:2200, it shows me the login window and can login with correct information. The problem is when I try to access to my ftp from outside network, it shows me the timed out. From outside, I put my ftp address on web browser as I did on my desktop. I really have no idea what should I do to fix it. Gimme me some tips!

U need to forward ftp and ftp data port in ur comcast router.
Check ur router documentation on how to do that. Then u can access ur server from outside
Using external ip (ftp:\\xxx.xxx.xxx.xxx:2200)

1 members found this post helpful.

my advice would be not to use ftp but use scp instead. still would need to forward the requisite ports inside your router configuration.

1 members found this post helpful.

zafar_dandoti
Thanks for the reply. If I was right, Like you mentioned, I did port forwarding on my comcast router for listen and ftp data port. But, still no luck. The ftp port is different than listen_port, I probably did something wrong. And I check my BBB's ip address and it has 2 diff ip that one is eth0 and the other is usb. So, I'm trying to access with eth0 ip. If this ip is diff than external ip, please gimme me something to understand you. Thanks!

schneidz
It seems like scp is secure ftp? I'm building my own ftp server and wanna up/download some files from it. So, I'm the only user I think. Thanks!

Well that's not necessarily the only problem, but it's definitely a major one.

You need to use your public IP, not your BBB's local IP.

Comcast assigns you ONE IP to use, which is inherited by your router. Your router then creates its own internal network for all of your devices, assigning a unique internal IP to each of them. These internal IPs allow your devices on your network to talk directly to each other, but those internal IPs are meaningless when you're outside of your local network. You need to point the ftp connection to your router's public IP, and then the port forwarding rule in your router tells it where, on your local network, it should direct the traffic.

If you don't know your public IP, you can go to one of the many sites that will tell you, such as www.whatismyip.com. Unless you've paid for a static IP from Comcast, then it is not fixed, it can and will change. Some ISPs will change your IP pretty regularly, maybe every few days. In my experience Comcast is pretty fixed, mine usually only changes once every 2-3 years.

1 members found this post helpful.

While forwarding ports on ur router u need to point ur internal server ip(where ftp is listning). Make sure u have assigned the right ip(eth0).
Then using external ip(one that assigns ur isp)check ur modem connection status u will find there or as said above whatsmyip.com

1 members found this post helpful.

suicidaleggroll

Thanks so much! It really helpful and makes me happy to understand my problem. So, I wanna make everything clear from your explaination, what I understand is, setting and configuration for my ftp has no problem but I have to make some connection between BBB and router so I can access to ftp from outside of local network with public ip provided from Comcast. Since, BBB has its own local ip, port forward the router's public ip to BBB's local ip. (From outside, access with public ip -> router will forward incoming request with public ip to BBB's local ip -> access to ftp) What I understand is right? Then, how to do setting for ftp so that it could receive the request from router? or only thing I have left is using external ip to access my ftp from outside? As far as I know, A port forwarding makes handover the incoming request with some ip to specified ip. So, I think I did port forward to ftp with specified port(2200) and try to access with external ip from outside. So far, I did port forward on router, allow TCP/UDP and put BBB's local ip address(eth0) with 2200 as its port. Am I right? It sounds like so stupid question but please understand me. Thanks again!

zafar_dandoti

Thanks so much! Sounds like same as what zafar_dandoti told me. So, set up the router to port forward the incoming request with external ip to handover to ftp. In other word, when I try to access my ftp from outside with public ip, my router will accept the request and port forward it to ftp. right?

I have another question for youguys. If I can access from outside with public(external) ip and we don't know when and how many times ISP will fix it, only way to avoid the losing external ip is just pay for static ip?

. You need to point the ftp connection to your router's public IP, and then the port forwarding rule in your router tells it where, on your local network, it should direct the traffic.

Yes that's correct. The end-to-end steps are below

1) Set up the service on your computer to accept connections on the port you want. Let's call it 22 for SSH for this example
2) Determine your computer's local IP on your network, using the output of ifconfig or similar. Let's call it 192.168.1.2 for this example
3) Connect to your computer's local IP (192.168.1.2) from another machine on your network, to make sure the service is working and accepting connections
4) Set up a port forwarding rule in your router so that incoming connections from outside of your network on port 22 are forwarded to 192.168.1.2
5) Determine your network's public IP by going to www.whatismyip.com or similar, Let's call it 1.2.3.4 for this example
6) On a computer that's outside of your network, maybe go to a coffee shop or something, connect to port 22 on 1.2.3.4. The router should accept the connection, and forward it to 192.168.1.2 on your local network, where your computer can handle it from there.

You don't know when or how often your ISP might change your IP, it could be every couple of days or once a decade. There are three ways to handle this:

1) Keep track of it yourself. If it changes, you won't be able to connect again until you find out the new one. This is only really feasible if it doesn't change often, and might be a pain if it changes while you're away for an extended period of time. On the flip side, it's free.

2) Sign up for a dynamic DNS service. A program runs on your computer that retrieves its public IP and updates a 3rd party server, which provides you with a web address you can use that always points to your network's public IP. If the IP changes, your computer retrieves the new one, updates the DNS entry on the 3rd party server, and everything continues to work. There are free services that do this (eg: noip.com), as well as paid services that range up to around $5/month (dyn.com, etc). I can only assume the free services make their money through advertisements, which might not be your cup of tea.

3) Pay for a static IP from your ISP. Static IPs are usually somewhere around $5/month, but they're often only available for business connections, which could be $50-100/month more than a regular consumer connection.

2 members found this post helpful.

Thanks! I just came back from my business trip. I will try tomorrow. So, if Comcast makes my public IP to changed shortly, I have to pay for static IP, sounds better than ask to 3rd party DNS service. Thanks again!