Hi, I am having a problem with ftp: Using Filezilla, I can connect to FTP by using my local network IP. If I instead gives it the real site URL, the following happens: The URL is correctly translated to my external IP TLS is approved TLS connection is established Fetching folder list And here it comes: The server sent a passive answer that cannot be routed. Using the server address instead - and then it fails. In my router I have forwarded ports 20, 21, 50000 - 51000. OS is Debian 8 Jessie. Here is the result of hts_report: ##### SERVER ##### IP-address (as per hostname): ***.***.***.*** IP-address(es) (as per ifconfig): ***.***.***.*** [INFO] ISPConfig is installed. ##### ISPCONFIG ##### ISPConfig version is 3.0.5.4p8 ##### VERSION CHECK ##### [INFO] php (cli) version is 5.6.14-0+deb8u1 [INFO] php-cgi (used for cgi php in default vhost!) is version 5.6.14-0+deb8u1 ##### PORT CHECK ##### ##### MAIL SERVER CHECK ##### ##### RUNNING SERVER PROCESSES ##### "htf_report.txt" 113L, 3203C 1,0-1 Top ##### SERVER ##### IP-address (as per hostname): ***.***.***.*** IP-address(es) (as per ifconfig): ***.***.***.*** [INFO] ISPConfig is installed. ##### ISPCONFIG ##### ISPConfig version is 3.0.5.4p8 ##### VERSION CHECK ##### [INFO] php (cli) version is 5.6.14-0+deb8u1 [INFO] php-cgi (used for cgi php in default vhost!) is version 5.6.14-0+deb8u1 ##### PORT CHECK ##### ##### MAIL SERVER CHECK ##### ##### RUNNING SERVER PROCESSES ##### [INFO] I found the following web server(s): Apache 2 (PID 1031) [INFO] I found the following mail server(s): Postfix (PID 1537) [INFO] I found the following pop3 server(s): Dovecot (PID 538) [INFO] I found the following imap server(s): Unknown process (init) (PID 1) [INFO] I found the following ftp server(s): PureFTP (PID 4084) ##### LISTENING PORTS ##### (only () Local (Address) ***.***.***.***:23104 (4339/pure-ftpd) ***.***.***.***:12737 (4482/pure-ftpd) [anywhere]:993 (1/init) [anywhere]:995 (538/dovecot) [localhost]:10024 (1559/amavisd-new) [localhost]:10025 (1537/master) [anywhere]:587 (1537/master) [localhost]:11211 (499/memcached) [anywhere]:110 (538/dovecot) [anywhere]:143 (1/init) [anywhere]:111 (392/rpcbind) [anywhere]:465 (1537/master) ***.***.***.***:51890 (4352/pure-ftpd) [localhost]:5939 (632/teamviewerd) ***.***.***.***:5236 (4565/pure-ftpd) [anywhere]:21 (4084/pure-ftpd) ***.***.***.***:53 (513/named) [localhost]:53 (513/named) ***.***.***.***:55286 (4552/pure-ftpd) [anywhere]:22 (511/sshd) [localhost]:631 (780/cupsd) [anywhere]:40408 (414/rpc.statd) [anywhere]:25 (1537/master) [localhost]:953 (513/named) *:*:*:*::*:443 (1031/apache2) *:*:*:*::*:993 (1/init) *:*:*:*::*:995 (538/dovecot) *:*:*:*::*:10024 (1559/amavisd-new) *:*:*:*::*:3306 (847/mysqld) *:*:*:*::*:587 (1537/master) [localhost]10 (538/dovecot) [localhost]43 (1/init) [localhost]11 (392/rpcbind) *:*:*:*::*:8080 (1031/apache2) *:*:*:*::*:80 (1031/apache2) *:*:*:*::*:465 (1537/master) *:*:*:*::*:8081 (1031/apache2) *:*:*:*::*:21 (4084/pure-ftpd) *:*:*:*::*:53 (513/named) *:*:*:*::*:22 (511/sshd) *:*:*:*::*:631 (780/cupsd) *:*:*:*::*:36215 (414/rpc.statd) *:*:*:*::*:25 (1537/master) *:*:*:*::*:953 (513/named) ##### IPTABLES ##### Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain fail2ban-dovecot-pop3imap (0 references) target prot opt source destination RETURN all -- [anywhere]/0 [anywhere]/0 Chain fail2ban-postfix-sasl (0 references) target prot opt source destination RETURN all -- [anywhere]/0 [anywhere]/0 Chain fail2ban-pureftpd (0 references) target prot opt source destination RETURN all -- [anywhere]/0 [anywhere]/0 Chain fail2ban-ssh (0 references) target prot opt source destination RETURN all -- [anywhere]/0 [anywhere]/0 My client OS is Windows 10 Pro. Cheers Niels
Set your external IP as passive IP in pure-ftpd: nano /etc/pure-ftpd/conf/ForcePassiveIP add just the external IP into this new file, save the file and restart the pure-ftpd-mysql service.
Thank you Till, that got rid of the unrouteable error message, but it still cannot connect. Now everything is fine, until Filezilla tries to get the folder list. And then: Status: Henter mappeliste... Kommando: PWD Respons: 257 "/" is your current location Kommando: TYPE I Respons: 200 TYPE is now 8-bit binary Kommando: PASV Respons: 227 Entering Passive Mode (83,249,188,153,76,78) Kommando: MLSD Fejl: Forbindelse timet ud efter 20 sekunders mangel på aktivitet Fejl: Kunne ikke hente mappeindholdsliste I can see that it uses port 990 for this, so I have forwarded that port also. Should I forward more ports ? Cheers Niels
Please set a passive port range and forward the complete range that you configured in pure-ftpd: http://www.faqforge.com/linux/contr...ange-in-pure-ftpd-on-denian-and-ubuntu-linux/
