I've poured over this document and others like it but cannot see where my thinking is wrong in matching to my existing setup. I'm obviously having a port issue, probably getting misconnected in either of the two gateways. Specifically, where can I see the message (if it exists) that ProFTPD generates when it picks an ephemeral data port outside of the passive port range? Does the TS-209 Pro's system log show all messages from ProFTPD? I do notice it mentions when the ProFTPD process is re-launched but I don't think that is a ProFTPD message. What's worse is that when I expand my gateway port forwarding range from 55536-56559 to 40000-56559, my friend's Filezilla can't even connect! He gets the dreaded ECONNREFUSED. The 177,230 SHOULD be (from what here and here says) a port from 55536 to 56559 but instead it's 45542! WHY? I have done this dozens of times and it is in the 40000 range. As I mentioned before even without the "Respond with external IP address for passive FTP connection request" NOT selected within the TS-209 Pro's FTP configuration webpage the x,x,x,x IP address is my Internet IP address so this is as it should be (maybe my gateway is smart enough after all but I can't find that in it's documentation). A real example: I got x,x,x,x,177,230 in the PORT command in Filezilla. I did once set the passive port range in ProFTPD at 40000-65534 but all I got was a lower ephemeral port number in the PORT command, in the 30000 range. Why does ProFTPD always respond with ephemeral ports that are not in the range of passive ports set within the TS-209 Pro's FTP configuration webpage? This webpage from ProFTPD's own documents say that it should or else I should get a message why not. Strangely enough the IP address is correct, it's my Internet IP address, not the LAN IP address. However it's NOWHERE NEAR THE PASSIVE PORT RANGE set in the TS-209 Pro. The PORT command received in my friends Filezilla has a port number originated by the TS-209 Pro (ProFTPD) which is the port the client is asked to connect on.The best anyone on the Internet has done is get logged in (can see in TS-209 Pro's system logs under "online users"), get talking (firend's Filezilla lists login messages and connection status) but the LIST command fails.I have DNS loopback for my FTP site's URL but both that or the TS-209 Pro's LAN IP address work. Within my LAN, Filezilla, IE and Firefox connect with no problem in passive mode.Means it's a restrictive firewall not allowing incoming ports unless the port has been in the outgoing direction once before or it is set for port forwarding to allow unrestricted incoming of data. My friend on the Internet has a typical Linksys (I think) gateway.Filezilla client set for passive mode only (I know active mode works but not everyone has Filezilla, they usually have a browser and they support passive FTP only).Also set for FTP standard and Unicode support. TS-209 Pro (ProFTPD) FTP ports set for port 21 and passive ports 55536-56559 (I have telnetted and verified all ports set correctly in /mnt/HDA_ROOT/.config/nf file).Also port forwarded to the TS-209 Pro are port 21 for TCP, ports 55536-56559 for TCP and ports 55536-56559 for UDP. My gateway is a Xincom XC-DPG502 on one WAN connection.I think I've narrowed it down to the ephemeral ports. Going over his house to mess with Filezilla in a million ways does no good either. I've read everything about FTP, Qnaps and nothing seems to work after hours on the phone with my friend. OK, I'm at my wits end after spending MONTHS trying to get the FTP server to connect passively with anyone on the Internet.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |