LinuxQuestions.org - FTP Server Timeout with vsFTPd

- Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)

- - FTP Server Timeout with vsFTPd (https://www.linuxquestions.org/questions/linux-server-73/ftp-server-timeout-with-vsftpd-741198/)

FTP Server Timeout with vsFTPd

When attempting to access my FTP server over the internet, the connection times out when the client sends the LIST command:

Code:

Status:        Connection established, waiting for welcome message...

Response:        220 (vsFTPd 2.1.2)

Command:        USER anonymous

Response:        331 Please specify the password.

Command:        PASS **************

Response:        230 Login successful.

Command:        OPTS UTF8 ON

Response:        200 Always in UTF8 mode.

Status:        Connected

Status:        Retrieving directory listing...

Command:        PWD

Response:        257 "/"

Command:        TYPE I

Response:        200 Switching to Binary mode.

Command:        PASV

Response:        227 Entering Passive Mode (xxx,xx,xx,xxx,255,147).

Command:        LIST

Error:        Connection timed out

Error:        Failed to retrieve directory listing

Note: the x's replace my WAN address

However, when being accessed from a LAN the server simply sends the list, and the client is able to browse the server directories just fine.

Thanks in advance,
Kenji

read through this... http://slacksite.com/other/ftp.html Doing passive like you are, unless you are 1) doing connection tracking on your firewall / nat devices 2) specifically limiting FTP data connections to a narrow range of ports explicitly configured to permit access, you're stuck. Option 1 is good. option 2 sucks. option 3 is to use active mode, which may well fail depending on the clients configurations.

You *may* wish to ditch FTP altogether and use SFTP instead, which *only* uses port 22, so is very simple to handle within a network.