LinuxQuestions.org
Page 2 of 2 1 2
Show 50 post(s) from this thread on one page

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   425 Failed to Establish Connection | vsftpd | AWS (https://www.linuxquestions.org/questions/linux-networking-3/425-failed-to-establish-connection-%7C-vsftpd-%7C-aws-4175654009/)

gauravtewari88 05-17-2019 01:30 AM
Quote:
Originally Posted by gauravtewari88 (Post 5995969)
Thanks for your reply. I have disabled IPTables and also SElinux.
I have put logging as well in the vsftpd as well but still i don't see any trace of error.

Even Windows Firewall is disabled and still it is not working. I have checked AWS rules as well and 20,21 ports are open in inbound rules.
Yes i will take in writing that the project want to use FTP and the security risk is owned by them.

Do you have any other stuff i can do to debug this problem?
Logs from vSFTPD
+++++++++++++++++++++++++
[root@ArcMC ~]# tail -100f /var/log/vsftpd.log
Fri May 17 06:22:27 2019 [pid 5937] CONNECT: Client "::ffff:10.126.0.18"
Fri May 17 06:22:27 2019 [pid 5937] FTP response: Client "::ffff:10.126.0.18", "220 (vsFTPd 3.0.2)"
Fri May 17 06:22:27 2019 [pid 5937] FTP command: Client "::ffff:10.126.0.18", "OPTS UTF8 ON"
Fri May 17 06:22:27 2019 [pid 5937] FTP response: Client "::ffff:10.126.0.18", "200 Always in UTF8 mode."
Fri May 17 06:22:30 2019 [pid 5937] FTP command: Client "::ffff:10.126.0.18", "USER baeadmin"
Fri May 17 06:22:30 2019 [pid 5937] [baeadmin] FTP response: Client "::ffff:10.126.0.18", "331 Please specify the password."
Fri May 17 06:22:36 2019 [pid 5937] [baeadmin] FTP command: Client "::ffff:10.126.0.18", "PASS <password>"
Fri May 17 06:22:36 2019 [pid 5936] [baeadmin] OK LOGIN: Client "::ffff:10.126.0.18"
Fri May 17 06:22:36 2019 [pid 5979] [baeadmin] FTP response: Client "::ffff:10.126.0.18", "230 Login successful."
Fri May 17 06:23:02 2019 [pid 5979] [baeadmin] FTP command: Client "::ffff:10.126.0.18", "PORT 10,126,0,18,220,214"
Fri May 17 06:23:02 2019 [pid 5979] [baeadmin] FTP response: Client "::ffff:10.126.0.18", "200 PORT command successful. Consider using PASV."
Fri May 17 06:23:02 2019 [pid 5979] [baeadmin] FTP command: Client "::ffff:10.126.0.18", "NLST"
Fri May 17 06:24:02 2019 [pid 5979] [baeadmin] FTP response: Client "::ffff:10.126.0.18", "425 Failed to establish connection."
Fri May 17 06:29:02 2019 [pid 5979] [baeadmin] FTP response: Client "::ffff:10.126.0.18", "421 Timeout."

gauravtewari88 05-17-2019 02:10 AM
Quote:
Originally Posted by gauravtewari88 (Post 5995971)
Logs from vSFTPD
+++++++++++++++++++++++++
[root@ArcMC ~]# tail -100f /var/log/vsftpd.log
Fri May 17 06:22:27 2019 [pid 5937] CONNECT: Client "::ffff:10.126.0.18"
Fri May 17 06:22:27 2019 [pid 5937] FTP response: Client "::ffff:10.126.0.18", "220 (vsFTPd 3.0.2)"
Fri May 17 06:22:27 2019 [pid 5937] FTP command: Client "::ffff:10.126.0.18", "OPTS UTF8 ON"
Fri May 17 06:22:27 2019 [pid 5937] FTP response: Client "::ffff:10.126.0.18", "200 Always in UTF8 mode."
Fri May 17 06:22:30 2019 [pid 5937] FTP command: Client "::ffff:10.126.0.18", "USER baeadmin"
Fri May 17 06:22:30 2019 [pid 5937] [baeadmin] FTP response: Client "::ffff:10.126.0.18", "331 Please specify the password."
Fri May 17 06:22:36 2019 [pid 5937] [baeadmin] FTP command: Client "::ffff:10.126.0.18", "PASS <password>"
Fri May 17 06:22:36 2019 [pid 5936] [baeadmin] OK LOGIN: Client "::ffff:10.126.0.18"
Fri May 17 06:22:36 2019 [pid 5979] [baeadmin] FTP response: Client "::ffff:10.126.0.18", "230 Login successful."
Fri May 17 06:23:02 2019 [pid 5979] [baeadmin] FTP command: Client "::ffff:10.126.0.18", "PORT 10,126,0,18,220,214"
Fri May 17 06:23:02 2019 [pid 5979] [baeadmin] FTP response: Client "::ffff:10.126.0.18", "200 PORT command successful. Consider using PASV."
Fri May 17 06:23:02 2019 [pid 5979] [baeadmin] FTP command: Client "::ffff:10.126.0.18", "NLST"
Fri May 17 06:24:02 2019 [pid 5979] [baeadmin] FTP response: Client "::ffff:10.126.0.18", "425 Failed to establish connection."
Fri May 17 06:29:02 2019 [pid 5979] [baeadmin] FTP response: Client "::ffff:10.126.0.18", "421 Timeout."

Thanks All for your help.
I managed to sort the problem.

The FTP server attempts to make connections to random high ports on the client so I enabled high ports on Windows VM as inbound and it resolved the connection problem.
I enabled the port range in Windows AWS rule and it worked.

Thanks one and all for your help.

viswax2000 10-31-2019 05:09 PM
setsebool -P ftpd_connect_all_unreserved 1
 
$ getsebool -a | grep ftp
$ setsebool -P ftpd_connect_all_unreserved 1
$ setsebool -P ftpd_use_passive_mode 1


All times are GMT -5. The time now is 05:25 AM.
Page 2 of 2 1 2
Show 50 post(s) from this thread on one page