LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 04-07-2004, 09:16 PM   #1
claudermilk
LQ Newbie
 
Registered: May 2002
Distribution: Fedora Core 1
Posts: 13

Rep: Reputation: 0
vsftpd hiding behind router


I'm stumped. I am trying to get vsftpd running on a Fedora Core 1 install. It seems to be working ok locally; I can log in anonymous on the server box and I can do the same using the LAN IP address from my Windows box. But, when I try to log in through the WAN IP either from the local Windows box or a remote machine it dies.

The server seems to respond ok, asking for USER and PASS and logging in. I can get a help listing, but trying to get a directory & it dies. First I get "200 PORT Command successful. Consider using PASV" then after about 20 sec or so I get "425 Failed to establish connection"

The box is behind a D-Link 704; their tech support says it requires using passive mode for both server & client. I have set pasv_enable to yes & set a pasv_min_port and pasv_max_port. The firewall on the D-Link has ports 20 & 21 open and routed to the correct box.

Any ideas?
 
Old 04-08-2004, 10:39 AM   #2
maxut
Senior Member
 
Registered: May 2003
Location: istanbul
Distribution: debian - redhat - others
Posts: 1,188

Rep: Reputation: 50
try
#modprobe ip_ftp_nat

it will load iptables passive ftp modules. actually this is needed for SNAT. let me know the if it works. because im not sure
 
Old 04-08-2004, 08:56 PM   #3
claudermilk
LQ Newbie
 
Registered: May 2002
Distribution: Fedora Core 1
Posts: 13

Original Poster
Rep: Reputation: 0
no go. I don't have iptables running just to keep that out of the equation right now.

I did a netstat & I got both ports 20 & 21 showing as listen.

I'm pretty sure the problem is related to the router; I can log in fine through the local IP address, but if I try the WAN IP address I run into problems.
 
Old 04-09-2004, 02:09 AM   #4
maxut
Senior Member
 
Registered: May 2003
Location: istanbul
Distribution: debian - redhat - others
Posts: 1,188

Rep: Reputation: 50
yes u are right, this s a trouble with your router. it must support passive ftp. r u sure that your ftp client uses passive ftp?

when your both of ftp server and ftp client use passive ftp, it must work. make sure that your ftp client software work passive mod. what s it?
 
Old 04-09-2004, 06:32 AM   #5
CaptainInsane
Member
 
Registered: Nov 2003
Location: Peoria
Distribution: Fedora 8
Posts: 92

Rep: Reputation: 15
I had the same problem when setting up vsftpd in RH9.

What I had to do was set iptables and the router to allow the
high port range you specified in your pasv_min_port and pasv_max_port
entries.

That fixed it for me.

Let me know how if it works, or if I am wrong about that.


 
Old 04-09-2004, 12:50 PM   #6
claudermilk
LQ Newbie
 
Registered: May 2002
Distribution: Fedora Core 1
Posts: 13

Original Poster
Rep: Reputation: 0
I believe the ftp clients I've tried support passive. I've tried the command-line Windows one & a couple of freebie GUI clients (FTP Commander & ACE FTP off tucows), both have a passive mode option, which I've turned on. Any suggestions on one I can try that's known to support that?

As for the router, I have opened the ports I specified for pasv_min_port and pasv_max_port. I have iptables shut down to eliminate that variable.

I've also tried putting the server's IP in the DMZ setting for the router. If I understand that correctly, it's telling the router to pass everything through to the IP address without firewalling it at all. In any case, that didn't seem to work either.

I think I'll go back & triple-check all settings again.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
vsftpd behind router not working in some cases setdosa Linux - Networking 9 05-09-2008 09:22 AM
VSFTPD with 500 oops :vsftpd: missing argv[0] mole_13 Linux - Newbie 0 05-04-2005 01:05 AM
VSFTPD and DSL router probs nuzzy Linux - Networking 0 02-11-2004 10:37 AM
vsftpd, router and external access; Oh my! Imyrryr Linux - Networking 14 09-07-2003 09:22 AM
vsftpd behind router doing nat - enabling passive alansk Linux - Software 0 07-16-2003 06:13 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 12:52 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration