hi, I have a problem with pureftpd as it does not work in active mode but it only works in passive mode. on the my firewall I opened ports:21, 20 and 40110 to 40210. I have already open port 20/tcp from server (with ISPConfig) to anywhere. I wrong the configuration of pureftp? Thanks. - Salvatore.
You will have to turn off tls, either in the ftp client or in pure-ftpd, to use active mode ftp. The two (tls and active mode) would work together if you had no firewalls or nat on or between the client and server, but that is a fairly uncommon configuration. As unencrypted ftp isn't a very good idea, you should probably just use passive mode or switch to sftp.
Hi, if I understand correctly to enable ftp access in active mode I have to disable the TLS on pure-ftpd configuration, I currently have: #cat / etc / pure-ftpd / conf / TLS 1 to disable TLS I have to run: echo 0 > /etc/pure-ftpd/conf/TLS Thanks. - Salvatore.
Yeah, pretty much. And just be aware that your ftp usernames/passwords, and the contents of all your ftp sessions (eg. file contents) will be sent in cleartext.
Hi, I disabled the TLS (now it is 0 and restarted ftp service) but in any case in active mode I can not make the ftp connection. Thanks.
Which exact erroe messages do you get in your FTP client? And did you restart pure-ftpd. Beside that, you opened the passive port range 40110 to 40210 in your firewall, but did you set the same range in pure-ftpd too? See also: https://www.faqforge.com/linux/cont...ange-in-pure-ftpd-on-denian-and-ubuntu-linux/
Hi, the error consists in the fact it is not possible to directory listening yes, I have restarted the service pureftp on pureftp I have configured the ftp ports and in passive mode it works Thanks.
Active mode ftp will break if there is a nat or firewall on the client end which is not ftp aware, as the data connections from the server to the client will be blocked. That is the same underlying reason that active mode doesn't work with tls, ie. because a nat/firewall cannot see the ftp control connection in order to open the correct ports. If you have indeed disabled tls and active mode still fails, you will have to look into all the network components between your client and server (start on the client end, with a local firewall/connections sharing, then to your network router, then next hop router....), use passive mode, or abandon ftp for something like sftp. There probably is a reason but it's not obvious: if passive mode works for you, why don't use just use that?
