vsftpd login locally, but not remotely. get a login prompt though!
I have a linux (RH Enterprise ES) server that i've inherited at a subsidory in a company i work at.
They need ftpd running on it, so i've set vsftpd to run on startup and done a few configuration changes to make it secure online (taking away anonymous access etc.)
Anyway, getting to the point, i can create users, and they can login just fine...but only if they are logging in from the local lan, or from on the server itself. However, if i try and login remotely over the web (i've port forwarded tcp 20 + 21 through the router to this server) i get a login prompt (telling me the port forwarding is working?) but the user name and password that i know works locally, does not work over web! if i use filezilla client, i get the following server message once i've entered the correct password:
"530 Permission denied"
both pasv and active mode do the same (on the client end)...I get to the user/pass prompt, but as soon as the password is entered, it kicks me off with that message above ^
can this be to do with the tcp_wrapper? i wouldnt have thought so seeing as im getting a username prompt remotely.
or is this to do with the fact that im port forwarding, therefore the ftp is reporting the wrong ip address to the client in the pasv ftp packets (reporting its local address rather than its real public ip?) - again i wouldnt have thought so seeing that im getting a login prompt.
my full vsftd.conf file is pasted below (minus the comment fields):
note: i changed the tcp_wrappers to NO, but only restarted the vsftd daemon, i didnt restart any other daemons (dont know if i need to - hope not as the server is not only an ftp but a production box for other app's).
i also added the username that works locally into the vsftpd.user_name file, but as soon as i did, it stopped working, so im guessing thats not it either (i then quickly removed it from the file so i could ftp in again (locally on our lan))
also, something else to bear in mind... im a just a beginner at linux, so please treat me like a dummie when answering, dont expect me to know anything that you might think is simple....cos im simple!
many thanks for your help in advance peeps.