LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)
-   -   vsftpd + connection refused (https://www.linuxquestions.org/questions/linux-server-73/vsftpd-connection-refused-584118/)

aeby 09-12-2007 05:55 AM
vsftpd + connection refused
 
Hello everyone,

I have setup vsftpd but i cannot login from the network, there is an external interface on that machine, i can login via that .
I can ftp from the same server but if i try to ftp out of the box it gives me connection refused.

ftp: connect: Connection refused
ftp>

My vsftpd service is runnig :

netstat -a | grep ftp
tcp 0 0 *:ftp *:* LISTEN

iptables --list

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

i also gave
vsftpd: ALL in the /etc/hosts.allow.

Still it gives me a connnection refused.

I also tried reinstalling the ftp server, but no luck ...

how can i login ???

Thanks in advance.

Gethyn 09-12-2007 06:23 AM
By default I think vsftpd is configured to allow anonymous access, but not access for user accounts. Have you checked your config files, using the guide on the vsftpd homepage?

aeby 09-12-2007 07:32 AM
Hi,
This is my vsftpd settings.

anonymous_enable=YES
local_enable=YES
write_enable=YES
local_umask=022
pam_service_name=vsftpd
userlist_enable=YES
listen=YES
tcp_wrappers=YES

Thanks for the help .

Gethyn 09-13-2007 07:16 AM
Your config looks alright, and thinking about it more it seems likely that there's a problem with the daemon itself. If there was a problem with the config, most likely you'd be able to make a connection, but logging in wouldn't be possible. The fact that you have a connection refused error immediately suggests the daemon isn't accessible.

I didn't quite understand your sentence, "I have setup vsftpd but i cannot login from the network, there is an external interface on that machine, i can login via that .
I can ftp from the same server but if i try to ftp out of the box it gives me connection refused."

Perhaps you could explain this further? How many computers do you have, how many are running FTP daemons and which ones are unable to connect to each other? This wasn't clear to me from reading what you wrote.

I guess you could test the connection using telnet or netcat, first from the local machine and then from a remote machine. It sounds like you've a pretty good idea of what you're doing, so I guess it's not necessary to provide instructions.

If the port is closed for both the local and remote scans then you probably need to double your check your firewall rules on the server - I'm not familiar with iptables, so I've no idea if your rules above are okay. If the port appears open from the local connection but closed from the remote connection, there are three main possibilities that I can think of. First is that your remote machine is listed in /etc/hosts.deny on the server. This seems unlikely, but should be quick to check. The second possibility is the outgoing connections from your remote computer are firewalled. You could probably test this by looking up a publically accessible FTP server and trying to access that. If it works then most likely your outgoing connections aren't firewalled. The final thing I can think of is that there may be some kind of firewall on the network, between your server and the remote machine. What kind of network setup is it? Is it a home network that you've set up, or a work one that someone else maintains? Obviously if you set up the network yourself, you'll have a good idea of what is or isn't there, but if it's a work network then you may need to talk to you network admin(s) to resolve this. You might be able to get round it by running the FTP server on a different port that isn't blocked, but that's not an ideal solution.

shinmai 09-13-2007 07:26 AM
Quote:
Originally Posted by Gethyn (Post 2890571)
I didn't quite understand your sentence, "I have setup vsftpd but i cannot login from the network, there is an external interface on that machine, i can login via that .
I can ftp from the same server but if i try to ftp out of the box it gives me connection refused."
I think what he means is, that he can not connect to the deamon from LAN, but connection is possible through a separate WAN interface on the same machine, which I would think would be a problem with wath IP the daemon binds it's listening port to.. Don't have any experience with vsftpd, so can't say for sure.

I had a similiar oversight when trying to configure my servers imapd. I typoed the inteface IP in the configs and accidentaly made the daemon listen on 10.134.1.100 instead of 10.134.0.100, which would have been the external interface...

aeby 09-14-2007 03:06 AM
Hello,

The machine in which i have installed vsftpd is having the ip address u.v.w.x when i do ftp u.v.w.x staying in the same machine i can login and everything is working. But when i go to any other machine in the network say for example a.b.c.d and type ftp u.v.w.x it gives me a connection refused.
I hope the picture is clear now.

Thanks for the reply.

doublejoon 09-14-2007 11:04 AM
Just curious but does your /etc/hosts.deny have?

Code:
ALL:ALL
vsftpd is tcpwrappers aware

aeby 09-17-2007 01:22 AM
Hello ,

The /etc/hosts.deny is empty there are no rules specified in it.


Thanks for the reply.

kasikarvat 09-17-2007 05:40 AM
iptables
 
have u allowed port 21 in iptables, if yes, then don't use tcpwappers just disable with "#" mark.
It will work !!

aeby 09-20-2007 01:29 AM
Hi,

There was a firewall issue , they removed the firewall and sorted.

Thanks


All times are GMT -5. The time now is 06:34 AM.