Hi...

I am trying to set up my linux box as an FTP server....I can log in successfully into my own IP address.

But when I ask my friend to log in to my machine....he reports an error when he feeds my IP address in I.E and OPERA using the ftp protocol.

The thing is, I am using Cable Internet....So I dont know how someone from the outside world will connect to my machine?

Will there be a different IP address for my machine when someone from outside tries to log in to the ftp server?

What's going wrong here? any suggestions friends?

Please help..

Regards,

amit

Ok....let me give u guys a scenario...so that u may be able to help me properly...

I am using Cable Internet ...i.e on LAN
Lets suppose my local IP Address on network is 147.1.1.100
Subnet mask is 255.255.0.0

I have enabled vsftpd and following is my /etc/vsftpd/vsftpd.conf file

anonymous_enable=YES
local_enable=YES
write_enable=YES
local_umask=022

#anon_upload_enable=YES
#anon_mkdir_write_enable=YES
dirmessage_enable=YES

connect_from_port_20=YES

idle_session_timeout=600
data_connection_timeout=120

#ascii_upload_enable=YES
#ascii_download_enable=YES

pam_service_name=vsftpd
userlist_enable=YES

listen=YES
tcp_wrappers=YES
accept_timeout=300
connect_timeout=300
listen_port=21

Are there any changes that need to be made in the above file? (lets suppose I just wanna allow anonymous ftp at this point)

What else do i need to do in order to let someone from the outside world access the ftp site...

will the following IP address work?

ftp://147.1.1.100

If it is something else, what should it be?

Regards,

amit

147.1.1.100 is not your real ip address, well not as far as the outside world is concerned. Thats just how computers on your local network see it, because your internet provider will only give you one, and you need a way of splitting it up. To find out your ip address you can go to www.whatismyip.com and it will tell you.
If you want your friend to connect from somewhere outside your local net work you have a couple of options. A way to start is to go to that website every time and just tell him what it is. This will help you get your server up but sucks when you want to actually start using it.
What I would use is called dynamic DNS. Since the IP your ISP gives you is subject to change, you need something to check it when you boot your computer, and at certain intervals. After checking it you can associate with a name that won't change.
I use the client from dynu.com on my windows machine, and I know they have a client for linux, and I haven't tried it, but I may in the next few days.

Anyway, once you get that setup, you will have a name that will point to your ip address, whether it changes or not. However if you have a bunch of computers behind a router, the name will point to the router, not your computer. (at least thats the way it works with dynu's client) So THEN you have to tell your router where you want it to send ftp requests. Thats called port forwarding, and most newer routers have it built in.
You would tell your router to forward any request over port 21(or whatever your using for ftp) to port 21 on 147.1.1.100
cause thats how your router is gonna see your computer

I hope this helps, and I haven't made horrible assumptions about your setup that lead to useless information.

Peace.

Hi,

I'm having a similiar problem.

so I know how to forward a port on my linksys router ...like say, 21-22, but how would I forward it to a lan ip as you suggest??

I've really been trying to figure this out, because whenever anybody tries to get onto my FTP they time out..

Jimkyle helped me greatly in setting up the FTP but I don't think he knew how to get the lan problem fixed,

Thanks

You go to the routers admin page via your web browser, probably 192.168.1.1 or 192.168.0.1, and add an appropriate entry to the port forwading section, once you get to the right page just bang in the ip address of the internal ftp server and the tcp port number 21.

Check aswell you don't have any firewall blocking port 21 on the Mandrake machine and appropriate hosts.allow / hosts.deny entries if applicable.

Normally when I connect to an ftp server with a user name I put the entry in my browser like so:


ftp://myusername@ftp.myftpserver.com

but it isn't 100% necessary to do it like that all the time.

If you want to be able to use passive mode (PASV) you will need to define a range of ports (high, non-privileged ports), about 50 ports in a row will do if you don't expect heavy traffic, to be used for data transfers. Set up your router to forward these ports too. If you don't it's very likely that when a client tries to connect from the outside he can get in without any problems, but a timeout will occur when listing directories or trying to download files.

Håkan

Coolamit,

About this PASV thing, I dont know vsftp too well, but a similar question was asked for proftpd.
Check this link out. Maybe its of some help for you....

Thanks

*Crosses fingers*

Hi... I have a somewhat similar problem... I have an ADSL connection to the internet. I used the site that lil_slice gave to check my ip address which turned out to be 66.50.221.153. I set up vsftpd to allow anonymous connections. Now thru the command-line ftp client i run the command open 66.50.221.153, it gives me the following information:

Connected to 66.50.221.153 (66.50.221.153).
220 PRTC.net FTP version 1.0 ready at Sun Jan 2 04:25:14 2000
Name (66.50.221.153:jacktheripper):

Now, this means that the IP is valid... But now, I type in anonymous as the username, and it asks me for a password (which i understand it shouldn't).. I type anonymous as well for the password, and alas, I cannot connect. Now, above it says PRTC.net. PRTC.net is my ISP. I hate to think the IP address given to me by the website provided by lil_slice is actually the IP of my internet service provider, and not of my single computer. Perhaps my computer is connected to a router used by my DSL provider?

Please, any help will be greatly appreciated.

mmmm... strange thing happening here....
I wonder a few things, please answer them before we continue?
Your ftp server, is it behind a firewall or NAT device, such as your adsl router? If so, what is it's internal IP Address? And next: have you tried to connect with ftp on it's internal address? Or even tried: ftp localhost on the machine itself?

Let me know, maybe i can be of some help then....

Coolamit,

there are 2 ways an ftp data connection is established. When you start an FTP session, a control connection will be made at port 21. If a client wants to transfer a file, or directory listing, another connection will be made, based on your settings. This design of the FTP protocol causes a lot of problems.

• port/active mode: your ftp machine will contact the client's system. this will always work with your router, since it's just another outgoing connection. The firewall/router of the client system must support this; they must allow, and maybe forward the incoming connection.
  
• passive mode: the client doesn't have to deal with any problems, but your system has. Your firewall should allow the incoming connection, and if you use a router, it should forward this incoming connection.
  I once had a nice draytek router; this device monitored my FTP connection, and did everything automatically. My new acatel router doesn't do these things, and I need to help it a little. (ie: specify a certain port range the serer should choose for for passive mode, and forward that entire range to your internal machine)

hope this helps



(since you gave an internal IP-address for your machine, I'm almost sure you're having some sort of adsl router, or other gateway that shares the internet connection)

Ok....I agree I was making a big blunder by trying my own local IP address in the browser. But now, I have also noted down my IP from www.whatismyip.com and when I try to connect using this IP address (202.122.61.30) , it displays a 'connection was refused' error message.

I have disabled iptables too. However, I have confusion regarding one point-

I dont know what values should I give for the following:

1. listen_address=

2. pasv_address=

When I try the IP that I got from whatismyip.com (202.122.61.30), it dosent work...I get the error 'connection refused'.

When I use my local IP (192.168.1.10) and use the same IP value for listen_address and pasv_address, it connects locally from my machine.

Can anyone help me set this up?

Thanx and Regards,

amit

perhaps your internet router is blocking the connection. You should forward the ftp port to your internal machine.

This is what should happen:

internet ---incoming---> home-router ---forward---> your machine.

http://www.markus-welsch.de/linux/services/ftp.html might also be of some help when dealing with vsftpd.

Again, Does the server work from localhost???