[SOLVED] 425 Could not open data connection to port XXXXX: Connection refused

Discussion in 'Installation/Configuration' started by razor7, Jun 2, 2018.

  1. razor7

    razor7 Member

    Hi! I'm trying to remotely connect to ftp through TLS but I'm getting connection refused errors Pure-FTPd server. Please advise to solve this. Thanks!

    I have:
    • Added the port range to the ISPConfig firewall Open TCP ports setting ...40110:40210
    • Set port range in pure-ftpd/conf ~/ echo "40110 40210" > /etc/pure-ftpd/conf/PassivePortRange
    • Ran /etc/init.d/pure-ftpd-mysql restart and even restarted the whole server
    • Opened port range in router (DD-WRT) ->NAT/QoS -> Port Range Forwarding: Application "FTP TLS" Start "40110" End "40210" Protocol "Both" IP Address "10.0.0.XX"
    • Opened port 21 in router and tested it
    • Rebooted the router
    With all that done, I'm getting 425 Could not open data connection to port 40160: Connection refused

    To connect, I'm logged into the ssh shell of a HostGator web server that has lftp command which I'm running like this lftp -d -f /home/XXXX/backs/ftp_command.tmp

    The ftp_commands.tmp file contains this:
    FTP connection log:
     
    razor7, Jun 2, 2018
    #1
  2. razor7

    razor7 Member

    Bump...
     
    razor7, Jun 5, 2018
    #2
  3. Jesse Norell

    Jesse Norell Well-Known Member Staff Member Howtoforge Staff

    This is passive mode failing on port 40140:
    You need to re-check exactly the things you said you have done, ie. set the passive port range (which is effective, because 40140 falls within the range), open the firewall for your port range on the local server and on your network level firewall(s), and port forward the range of ports in your NAT to your ftp server.

    Also you might want to set the ip address pureftpd announces (rather than 10.0.0.77). That is not what's causing the failure in this case as your ftp client was smart enough to know it wasn't right, but other ftp clients will have a problem there.


    This is active mode failing:
    Ie. the ftp server was unable to connect back to your client on port 40160. You set the same port range for the client as on the server in your ftp_commands.tmp, which isn't necessary, though doesn't hurt anything. Generally you just setup the server side, so any client can use passive mode to it, but having a TLS compatible ftp client setup could be useful for you if you use many ftp servers.

    If you want active mode to work (ie. where the server connects back to your client for all data transfers), you will need to open that same port range in the firewall(s) on the client end, and likewise forward that port range in your NAT on the client side if there is one. As you mentioned your current ftp client is on a hostgator hosting server, you probably don't have control over this, and you'll just need to work on the server end so passive mode ftp works.
     
    Jesse Norell, Jun 5, 2018
    #3
  4. razor7

    razor7 Member

    Well my setup is OK, the issue comes at the HostGator web server where I need to connect from, seems that they have blocked access to some ports.

    I have tested my setup from another server outside my LAN and works!
     
    razor7, Jun 9, 2018
    #4

Share This Page