Hi I have just set up my server according to this guide: http://howtoforge.com/perfect_setup_centos_4.3 The problem I am having is that I can not login to ftp to access my webspace. I can access it via the web-ftp thing fine, but when I try to connect via my ftp client, is keeps saying "connection failed (connection lost)" Does anyone have anyidea why this is happening? Thanks, british.assassin
Which ftp server are you running? vsftp or proftpd. Your system will install vsftp by default but the perfect setup recommends changing it. I use vsftp: Without knowing much else about your problem make sure your .conf file has local_enable=YES uncommented. Also, are you using web[ID]_username? I'm sure once we know more someone else can help you or I can suggest something else.
WebFTP uses the normaql FTP commands, this means FTP is working on your server. Please check your firewall if it allows FTP. Have you tried active and passive FTP mode?
I use proftpd for my ftp server and I am using [domain]_username for the username (I changed it to this in the ISPConfig settings) I am using the standard ISPConfig firewall which has port 21 TCP open. I tried using both passive and active when connecting, but they both came up with the same error. british.assassin
Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 *:32768 *:* LISTEN 2186/rpc.statd tcp 0 0 *:51234 *:* LISTEN 4684/server_linux tcp 0 0 *:14534 *:* LISTEN 4684/server_linux tcp 0 0 *:mysql *:* LISTEN 12425/mysqld tcp 0 0 *:sunrpc *:* LISTEN 2167/portmap tcp 0 0 *:10000 *:* LISTEN 4543/perl tcp 0 0 *:81 *:* LISTEN 3041/ispconfig_http tcp 0 0 *:ftp *:* LISTEN 3533/proftpd: (acce tcp 0 0 C0A80002.tipt.aol.co:domain *:* LISTEN 3161/named tcp 0 0 server.evowebs.co.uk:domain *:* LISTEN 3161/named tcp 0 0 *:ipp *:* LISTEN 10507/cupsd tcp 0 0 *:smtp *:* LISTEN 6936/master tcp 0 0 server.evowebs.co.uk:rndc *:* LISTEN 3161/named tcp 0 0 *:imaps *:* LISTEN 11864/dovecot tcp 0 0 *op3s *:* LISTEN 11864/dovecot tcp 0 0 *op3 *:* LISTEN 11864/dovecot tcp 0 0 *:imap *:* LISTEN 11864/dovecot tcp 0 0 *:http *:* LISTEN 3064/httpd tcp 0 0 *:ssh *:* LISTEN 10958/sshd tcp 0 0 *:https *:* LISTEN 3064/httpd tcp 0 0 C0A80002.tipt.aol.com:ssh C0A80004.tipt.aol.com:1375 ESTABLISHED 12283/1
Is your server located in your LAN? If so, are you tgrying to connect from inside or outside your LAN? What's the output of Code: iptables -L ? Did you disable SELinux?
My server is located in my LAN and I am trying to connect to it from inside my LAN. I did disable SELinux. The output of iptables -L is: Code: Chain INPUT (policy DROP) target prot opt source destination DROP tcp -- anywhere 127.0.0.0/8 ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere DROP all -- BASE-ADDRESS.MCAST.NET/4 anywhere PUB_IN all -- anywhere anywhere PUB_IN all -- anywhere anywhere PUB_IN all -- anywhere anywhere PUB_IN all -- anywhere anywhere DROP all -- anywhere anywhere Chain FORWARD (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED DROP all -- anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination PUB_OUT all -- anywhere anywhere PUB_OUT all -- anywhere anywhere PUB_OUT all -- anywhere anywhere PUB_OUT all -- anywhere anywhere Chain INT_IN (0 references) target prot opt source destination ACCEPT icmp -- anywhere anywhere DROP all -- anywhere anywhere Chain INT_OUT (0 references) target prot opt source destination ACCEPT icmp -- anywhere anywhere ACCEPT all -- anywhere anywhere Chain PAROLE (11 references) target prot opt source destination ACCEPT all -- anywhere anywhere Chain PUB_IN (4 references) target prot opt source destination ACCEPT icmp -- anywhere anywhere icmp destination-unreachable ACCEPT icmp -- anywhere anywhere icmp echo-reply ACCEPT icmp -- anywhere anywhere icmp time-exceeded ACCEPT icmp -- anywhere anywhere icmp echo-request PAROLE tcp -- anywhere anywhere tcp dpt:ftp PAROLE tcp -- anywhere anywhere tcp dpt:ssh PAROLE tcp -- anywhere anywhere tcp dpt:smtp PAROLE tcp -- anywhere anywhere tcp dpt:domain PAROLE tcp -- anywhere anywhere tcp dpt:http PAROLE tcp -- anywhere anywhere tcp dpt:81 PAROLE tcp -- anywhere anywhere tcp dpt:pop3 PAROLE tcp -- anywhere anywhere tcp dpt:https PAROLE tcp -- anywhere anywhere tcp dpt:10000 PAROLE tcp -- anywhere anywhere tcp dpt:14534 PAROLE tcp -- anywhere anywhere tcp dpt:51234 ACCEPT udp -- anywhere anywhere udp dpt:domain ACCEPT udp -- anywhere anywhere udp dpt:8767 DROP icmp -- anywhere anywhere DROP all -- anywhere anywhere Chain PUB_OUT (4 references) target prot opt source destination ACCEPT all -- anywhere anywhere
What's in /etc/selinux/config? What happens when you disable the firewall? Maybe this thread helps you: http://www.howtoforge.com/forums/showthread.php?t=196
here is the contents of /ets/selinux/config Code: # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - SELinux is fully disabled. SELINUX=disabled # SELINUXTYPE= type of policy in use. Possible values are: # targeted - Only targeted network daemons are protected. # strict - Full SELinux protection. SELINUXTYPE=targeted I also tried disabling the ISPConfig firewall and then restating proftd but still could not connect. I read through the thread you mentioned but none of the fixes worked. I am completely stumped. Before using ISPConfig, I was using webmin + virtualmin GPL and the ftp worked fine (i set up the server according to your CentOS 4.3 guide, but installed virtualmin instead of ISPConfig). Then i decided to give ISPConfig a go so i wiped the drive, to start from fresh, followed the guide, installed ISPConfig, but now it does not work, even though i went through the same setup process. Very strange ... british.assassin
As WebFTP works in your setup, these problems are not related to your FTP setup. They muste be related to your firewall. Please disable the firewall first and then post the output of: iptables -L