VSFTPD Passive Mode doesn't work Behind NAT
Solution 1
Late answer, but here goes:
I have all the options turned on like you. It is required, but still won't work.
pasv_enable=YES
pasv_min_port=xxx
pasv_max_port=yyy
pasv_address=
After these 2 lines change, it is working
listen_ipv6=NO
listen=YES
Solution 2
sudo nano /etc/vsftpd.conf
pasv_enable=Yes
pasv_max_port=10100
pasv_min_port=10090
iptables -I INPUT -p tcp --destination-port 10090:10100 -j ACCEPT
sudo ufw allow 10090:10100/tcp
Try allowing Anon login to make sure its not a user/pwd problem. Not sure what pasv_address is. but I have a domain name, so maybe its needed for IP? BTW Check out duckdns for free DNS!
Related videos on Youtube
Derek Lesho
Updated on September 18, 2022Comments
-
Derek Lesho over 1 year
Hey guys so I am trying to allow my friends to connect to my ftp server (I am hosting it on Ubuntu Server 15.04), so I set the pasv_address in the configuration and the port range in the configuration and router. But it still doesn't work. Here is what filezilla says:
Response: 227 Entering Passive Mode (0,0,0,0,203,228). Command: LIST Error: The data connection could not be established: ECONNREFUSED - Connection refused by server Error: Connection timed out Error: Failed to retrieve directory listing
And here is my configuration: http://pastebin.com/j1ZyK7K8
-
Fabby almost 9 yearsAre you sure your ISP allows you to run an FTP server on your internal network? (some ISPs "up-sell" you a "business connection" that do allow you to do things like this)
-
Derek Lesho almost 9 yearsI used to have it working, a few months ago, but I accidentally crashed the server and I couldn't access it to see what I did.
-
-
Fabby almost 9 years@derek-lesho: if the above doesn't work, drop me a note @ Fabby below.
-
Derek Lesho almost 9 yearsI tried this but I am still having the same error. When entering passive mode it says:Command: PASV Response: 227 Entering Passive Mode (0,0,0,0,39,106). Why are there 0s instead of the ip?
-
Derek Lesho almost 9 yearsDo you want me to send the ip and password of my server so you ssh into it and try to find the problem?