Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
I am trying to set up an FTP server on my home network. I am having trouble connecting from the WAN.
I am running vsftpd on Raspbian on a raspberry pi. I have an Asus router with DD-WRT installed.
I have made the following adjustments to my /etc/vsftpd.conf file:
pasv_address=[my dyndns address]
The listen_port=2121 is because Charter blocks port 21.
I have my router (DD-WRT)set up to forward ports 2121, 20, and the range of 1024 to 1030 to my raspberry pi's LAN IP.
However, I am having trouble connecting from outside my network. When I run the command-line windows ftp from my computer at my work, I am able to log in. Once I am logged in, I have an exchange like this:
230 Login successful.
550 Permission denied.
425 Use PORT or PASV first.
ftp> literal pasv
227 Entering Passive Mode (68,187,99,74,4,2).
It just hangs for awhile before I get:
425 Failed to establish connection.
It keeps behaving like I'm having port forwarding problems, but I have everything set up in DD-WRT so it can't be that. Does anybody have any ideas?
Forgive me, because I am not fully familiar with how iptables works. But the fact that this works fine on my LAN makes me think I can rule out need to update iptables on the FTP server. I guess I could see why it would need to be done on the router, though.
I've found a lot of documentation, including jefro's, and they all seem to differ. I tried this on my router:
iptables -A INPUT -p tcp -s 0/0 --sport 1024:1030 -d [WAN dyndns address] --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp -s [WAN dyndns address] --sport 22 -d 0/0 --dport 1024:1030 -m state --state ESTABLISHED -j ACCEPT
This did not do it for me. Can anybody help me understand what I should be doing here?