LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 04-21-2016, 05:35 AM   #1
dirkjo
LQ Newbie
 
Registered: Apr 2016
Posts: 2

Rep: Reputation: Disabled
vsftpd: error 425 Failed to establish connection.


Hi,

I'm running vsftpd on an OpenSuse 13.1 This server is behind a router which forwards external port 30021 to internal port 21. I want to download a file "test" from this server via browser.

When entering ftp://<internal IP>/test it works fine, when entering ftp://<external IP>:30021/test it doesn't work and I'm getting the error "425 Failed to establish connection".

vsftpd config:

userlist_deny=NO
userlist_enable=YES
userlist_file=/etc/vsftpd.user_list
dirmessage_enable=YES
nopriv_user=ftpsecure
local_enable=YES
chroot_local_user=YES
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd.chroot_list
allow_writeable_chroot=YES
anonymous_enable=YES
anon_world_readable_only=YES
syslog_enable=NO
connect_from_port_20=YES
ascii_upload_enable=YES
pam_service_name=vsftpd
listen=YES
ssl_enable=NO
pasv_min_port=30000
pasv_max_port=30100
pasv_address=xxx.xxx.xxx.xxx
anon_mkdir_write_enable=NO
anon_root=/srv/ftp
anon_upload_enable=NO
ftpd_banner=Welcome message
idle_session_timeout=900
log_ftp_protocol=NO
max_clients=10
max_per_ip=3
pasv_enable=YES
ssl_sslv2=NO
ssl_sslv3=NO
ssl_tlsv1=YES

Any ideas what to change?
Thanks in advance

Last edited by dirkjo; 04-21-2016 at 09:44 AM.
 
Old 04-21-2016, 09:03 AM   #2
tshikose
Member
 
Registered: Apr 2010
Location: Kinshasa, Democratic Republic of Congo
Distribution: RHEL, Fedora, CentOS
Posts: 462

Rep: Reputation: 86
Hi,

I think the problem is related to the fact that the FTP protocol uses two connections: one for the commands (21) and another for the data.
It also depend if you are using active or passive FTP. While vsftpd support both, generally FTP clients initiate passive sessions.

That said, firewalls generally do not support FTP correctly.
Sometimes they just do not allow the active connection from port 20 to go out or to get responses, or they are unable to open and allow through the random port used with passive connections.
If your router is on Linux and it has decent (recent) kernel, then have look at iptables modules, as there are some that work well for passive FTP.
 
Old 04-21-2016, 10:04 AM   #3
dirkjo
LQ Newbie
 
Registered: Apr 2016
Posts: 2

Original Poster
Rep: Reputation: Disabled
Hi,

thanks for your answer.

The router is a TP-Link TL6020 and has only a web-interface. I have no Linux access on it.

Using WinSCP (FTP) I tried both active and passive mode. Both gives the same result: 425 ...
 
Old 04-21-2016, 10:32 AM   #4
tshikose
Member
 
Registered: Apr 2010
Location: Kinshasa, Democratic Republic of Congo
Distribution: RHEL, Fedora, CentOS
Posts: 462

Rep: Reputation: 86
Hi,

I am afraid that you do not have an adequate firewall in order to enable FTP through port forwarding.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
FTP ERROR- 425 failed to establish connection vignesh4sh Linux - Server 2 02-04-2013 01:27 AM
vsftpd server not listing ( 425 Failed to establish connection) oscargim Linux - Server 4 09-05-2012 10:41 PM
425 - failed to establish connection with vsftp and the firewall on brucerowe Linux - Networking 4 02-07-2012 12:28 AM
425 Failed to establish connection. ftp saravanakumar Linux - Server 1 08-09-2011 07:47 AM
vsftpd - 425 failed to establish connection mohitanchlia Linux - Networking 7 03-17-2009 05:43 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 05:05 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration