Help answer threads with 0 replies.
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 03-22-2006, 03:42 AM   #1
Registered: Aug 2003
Distribution: SuSE 8.1 pro
Posts: 94

Rep: Reputation: 15
vsftpd no allowing PASV mode

I am having trouble with vsftp. The problem I am having is trying to get the vsftpd to permit PASV mode connections. At the moment, it isn't accepting PASV mode. When I connect and have PASV turned on in my ftp client, I get the following:

220 Welcome to the FTP Server.
USER myftpuser
331 Please specify the password.
PASS (password not shown)
230 Login successful.
257 "/"
200 Switching to ASCII mode.
250 Directory successfully changed.
227 Entering Passive Mode (210,19,194,98,146,112)

It then just sits there until it times out. No directory listing, nothing. If I connect with PASV mode turned off, I can access correctly. As you can see from my vsftpd.conf file listed below, I have pasv_enable=YES so I am somewhat confused as to why it wouldn't permit me to get directory listings etc. in pasv mode.

ftpd_banner=Welcome to the FTP Server.
pasv_address=x.y.w.z (I have a fixed IP which I have removed for this post)

I have noted that there has been some discussion where people have problems access in pasv mode due to router problems. Currently I am trying to first establish everything working from my internal network so the router shouldn't be an issue(I think, but external connections to my FTP are finding the same result). However, incase it is, I am using a Dlink DI-704P with firmware v3.04. The firewall is run by the router and not my linux box so I assume it isn't a firewall issue.

Does anyone have any ideas how to solve this?

The rest of my kit:
SuSE Linux 9.1
vsftp 2.0.4
Old 03-22-2006, 05:21 AM   #2
Senior Member
Registered: Nov 2005
Location: Belgium
Distribution: Red Hat, Fedora
Posts: 1,515

Rep: Reputation: 61
Passive and active FTP mode are only different in one aspect. The port numbers they use.
Active mode uses ports 20 and 21 on the server. Passive mode uses ports 20 and a port > 1024.
Ports < 1024, called privileged ports, are reserved for certain protocols (ie port 80 => always HTTP protocol).
Servers offering HTTP service (ie web service) will thus need to open port 80.
Ports > 1024, on the other hand, are free to be used by any application in principle. Because these ports are used by clients when they connect to a server on a privileged port, servers usually have blocked access to these ports (servers aren't intended for running client apps). However, passive ftp is an exception to this rule of thumb.

Maybe your firewall doesn't allow access to ports > 1024 on the server, thus blocking any data from passing
when you're in passive mode.

To solve that:
-decide on a range of port numbers (not just one, but ie 100 consecutive numbers) above 1024 to be used for passive FTP.
-unblock access to those ports on the firewall
-make sure the ftp server uses a port in the chosen range for passive ftp.
Old 03-22-2006, 10:43 AM   #3
Registered: Aug 2003
Distribution: SuSE 8.1 pro
Posts: 94

Original Poster
Rep: Reputation: 15
Thanks, I'll give that a shot first thing in the morning.
Old 03-23-2006, 03:28 AM   #4
Registered: Aug 2003
Distribution: SuSE 8.1 pro
Posts: 94

Original Poster
Rep: Reputation: 15
Your suggestion seemed to work. I find it very strange since I was trying to connect from behind the firewall so the ports on the router shouldn't have made a difference but they did. Anyway, I'm grateful it is now working. Thanks


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
VSFTP and PASV mode JohnLinx Linux - Networking 0 01-12-2005 06:06 PM
PASV mode connection error in proftpd Kerr Linux - Software 2 07-05-2004 05:27 AM
PASV mode with Sarge and Wget Zaskar Debian 0 03-02-2004 03:49 PM
Vsftpd PASV mode is there such a thing? lawman Linux - Software 2 12-12-2003 10:56 AM
pasv mode dica Linux - Networking 3 04-15-2003 10:09 AM > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 12:20 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration