dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
3687

filosad
@verizon.net

filosad

Anon

[Networking] FTP Server over FIOS

Hello, I am attempting to setup a FTP Server using Win2003 Server. I can access it internally using a standard FTP client w/o any issues. I setup a friendly name (via dyndns) which I can picg externally (out of my network) w/o any issues. When I attempt to access from the outside with any FTP Client, I cannot access my FTP site. I have port forward enabled. I configured NAT, nothing works. What am I doing wrong ? Any help would be appreciated...Thx....filosad
mikev
Premium Member
join:2002-05-04
Leesburg, VA
·Verizon FiOS
(Software) pfSense
Panasonic KX-TGP600

mikev

Premium Member

Make sure that your FTP client is configured to use PASV mode. PASV mode will usually work through most NAT setups.

If you're using a command line client, usually typing pasv as the command (some older clients you may need to use quote pasv to send the command directly to the server) will enable this mode.

If you use a GUI FTP client doesn't have an option for PASV mode, find a new one. There are plenty that do.

Mahalo
join:2000-12-20
united state

2 recommendations

Mahalo to filosad

Member

to filosad
Make sure you have 20 & 21 port forward to the internal address. I find that most people leave out 20.

Post a screenshot of you rules if it does not work.

houkouonchi
join:2002-07-22
Ontario, CA

houkouonchi to filosad

Member

to filosad
Actually from a server perspective passive is less likely to work correctly because it will listen on random ports. On proftp (on linux) I had to set specifically what ports are used for passive via:

PassivePorts 3000 3200

In the config file and then have ports 3000-3200 forwarded to the machine behind the NAT to get passive working. Regular mode worked without this for me but passive would not.

filosad
@verizon.net

filosad to mikev

Anon

to mikev
I am using FileZilla as the FTP Client. I have checked that I am using passive mode. Still have connection issues. Following error from client (via external):

Connection attempt failed with "ECONNREFUSED - Connection refused by server".
Error: Could not connect to server

Same client on the internal network, no issues. Hope that helps....filosad

Mahalo
join:2000-12-20
united state

Mahalo

Member

Try it without using passv mode or use Windows FTP client. Make sure 20 & 21 are forwarded to the correct server. Post rules if that does not work.
dmine45
join:2002-11-03
Fredericksburg, VA

dmine45 to filosad

Member

to filosad
Are you sure that you haven't enabled the Windows firewalls and preventing the FTP servers from being seen?

Like others have said, make sure both ports 20 and 21 are forwarded. FTP is the only protocol that I know of that uses two ports for transmission. All other ones are single ports.

Mahalo
join:2000-12-20
united state

Mahalo

Member

Since he could get to it on the inside, the MS firewall should not be in the way.
20 is transfer and 21 is for control. There are other apps that use multiple ports. Take a stroll through the common port list
nh5
join:2006-01-21
Old Bethpage, NY

nh5

Member

You have to set the external IP in IIS settings plus set the port range for passive mode when using behind NAT
dmine45
join:2002-11-03
Fredericksburg, VA

dmine45 to Mahalo

Member

to Mahalo
Well aware of that list. I was trying to simplify it for those who aren't IT Experts.

filosad
@verizon.net

filosad to nh5

Anon

to nh5
Presently, I have IIS bound to the internal network address. If I attempt to do what is suggested, will I still be able to access my FTP server from the inside (internal network) ? It is more likely, I will be using the FTP server from the outside so that should not be an issue. Do I still need to port forward ports 20 & 21 ? Do I still need to configure NAT on the Actiontec Router (Fios). What is the preferred method. Thx so far fro your help.......filosad.

houkouonchi
join:2002-07-22
Ontario, CA

houkouonchi

Member

non passive mode should 100% work on the internal LAN just use the LAN IP instead of the WAN IP. Sometimes it won't work internally so I assume you are testing from a remote machine. Not all arouters forward back internal IP to the public IP back to the internal LAN (like a loopback). That being said some passive protocols will have a 'masquerade IP address' it uses when using passive mode making it not work on the LAN but I am not sure if that would be the case with windows/IIS stuff as I am more of a unix guy.

Mahalo
join:2000-12-20
united state

1 recommendation

Mahalo to filosad

Member

to filosad
Just leave the bound IP to All in IIS and everything will work fine. Use the internal IP for FTP when you are on the LAN and use the external IP from the outside.

You need to forward 20 & 21 from the outside in.
MikeSpears
join:2013-02-07
Concord, NC

MikeSpears to filosad

Member

to filosad
Use FileZilla Server instead, it's a much more modern FTP server. Also you might want to look at upgrading to a more recent server OS, or linux.