LinuxQuestions.org


gubak 11-20-2015 09:09 AM

Proftpd TLS configuration
 
Hi everyone,



I just configured proftpd (v 1.3.5) in TLS mode. I opened ports 21, 443, 21 on the firewall. The FTP client I use is FileZilla.

When I try to connect and the firewall is on I get the error:
"Failed to retrieve directory listing"

But when the firewall is off I can connect without problem.

Can you tell me which ports to open?


Here is the error log:

Quote:

Status: Resolving address of xxx.xxx.com
Status: Connecting to xxx.xxx.xxx.xxx:21...
Status: Connection established, waiting for welcome message...
Status: Initializing TLS...
Status: Verifying certificate...
Status: TLS connection established.
Status: Connected
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is the current directory
Command: TYPE I
Response: 200 Type set to I
Command: PASV
Response: 227 Entering Passive Mode .
Command: LIST
Error: Connection timed out after 20 seconds of inactivity
Error: Failed to retrieve directory listing


Thank you very much

berndbausch 11-21-2015 01:51 AM

Passive mode requires more configuration on the firewall, as an additional, normally not predictable port is opened. You might want to google ip_conntrack_ftp, the kernel module that enables opening that port.

serverpoint.com 11-25-2015 12:38 AM

It seems you can also define the passive port in the proftpd conf file using the directive "PassivePorts". Refer to the link below.

http://www.proftpd.org/docs/howto/NAT.html
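
Added example, not written by any poster in this thread: a POSIX shell check that decodes the 227 reply shown in a client log, computes the data port as p1*256+p2, and tests it against the range that PassivePorts and the firewall rule are meant to share. Because the control channel is TLS-encrypted here, the firewall cannot read the 227 reply itself, so a fixed range is what its rule has to match. The range 49152-49251, the iptables rule in the comments, the function names and the sample replies are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: decode a "227" passive-mode reply and check the advertised
# data port against the range the server and firewall are meant to share.
# PASV_MIN/PASV_MAX are assumed values, not taken from the thread.
PASV_MIN=49152
PASV_MAX=49251
# Matching server-side settings for that assumed range:
#   proftpd.conf:  PassivePorts 49152 49251
#   firewall:      iptables -A INPUT -p tcp --dport 49152:49251 -j ACCEPT

# pasv_port REPLY: print the data port from "(h1,h2,h3,h4,p1,p2)".
# Returns 2 if REPLY is not a 227 reply, 3 if the tuple is missing or invalid.
pasv_port() {
    case $1 in
        227\ *) ;;
        *) return 2 ;;
    esac
    pp_tuple=$(printf '%s\n' "$1" |
        sed -n 's/.*(\([0-9]\{1,3\}\(,[0-9]\{1,3\}\)\{5\}\)).*/\1/p')
    [ -n "$pp_tuple" ] || return 3
    pp_hi=$(printf '%s' "$pp_tuple" | cut -d, -f5)
    pp_lo=$(printf '%s' "$pp_tuple" | cut -d, -f6)
    [ "$pp_hi" -le 255 ] && [ "$pp_lo" -le 255 ] || return 3
    echo $(( pp_hi * 256 + pp_lo ))
}

# check_reply REPLY: print a verdict; non-zero status if unparsed or blocked.
check_reply() {
    if ! cr_port=$(pasv_port "$1"); then
        echo "unparsed"
        return 1
    fi
    if [ "$cr_port" -ge "$PASV_MIN" ] && [ "$cr_port" -le "$PASV_MAX" ]; then
        echo "port $cr_port allowed"
    else
        echo "port $cr_port blocked"
        return 1
    fi
}

# Constructed sample replies (192.0.2.10 is a documentation address).
check_reply '227 Entering Passive Mode (192,0,2,10,192,10).' || true
check_reply '227 Entering Passive Mode (192,0,2,10,130,53).' || true
check_reply '227 Entering Passive Mode .' || true
```

A "blocked" verdict for a reply copied from the client log means the server is still choosing ports outside the range the firewall permits.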


All times are GMT -5.