Re: getting vsftpd into active mode

From: Enkidu (enkidu.com_at_com.cliffp.com)
Date: 04/04/05

  • Next message: Des Cavin: "Sony CCD-V9 Video Camera and Liinux" 
    Date: Mon, 04 Apr 2005 11:32:59 +1200

    Phil wrote:
    > It would seem that my router will only allow active FTP communication
    > and blocks passive. So...how do I connect actively? Is this a client
    > or server configuration? Is the an FTP command?
    >
    > I'm slowly chipping away on this problem. Suggestions more than welcome.
    >
    > I'm using Fedora 2.
    >
    It's a server setup config, but the client has to comply.

    You don't say if you are setting up a server or a client.
    Assuming server, your vsftpd must be set to expect active
    mode ftp *if* it actually restricts the mode. Usually by
    default an ftp server doesn't but vsftpd may have a default
    mode.

    Active ftp requires an incoming port open at the router
    (port 21) and it requires that the *client* be able to
    accept connections on port 20. If the client is unable to
    accept incoming connections (ie it is behind a firewall) the
    session will fail.

    Passive ftp requires an incoming client port on the router
    (port 21) and uses other high number (above 1024) incoming
    ports. You'd have to a) tell vsftpd to use these ports and
    b) open the ports on your router.

    Try this for a definitive explanation.

    http://slacksite.com/other/ftp.html

    To make passive work you'll need to configure the router to
    pass specific high order ports and configure vsftpd to know
    this. To make active work you will need to allow incoming
    port 21 at the router and the client must allow connection
    on port 20 through any firewalls and stuff between your
    server and the client.

    Cheers,

    Cliff 

    -- 
Barzoomian the Martian - http://barzoomian.blogspot.com
  • Next message: Des Cavin: "Sony CCD-V9 Video Camera and Liinux"

    Relevant Pages

    • Re: Using Remote Desktop From an SBS Domain
      ... when you tried to RDP while attached directly to a port on your router? ... So if 3389 needs forwarded on the client end too then that is what the ... Hopefully next week I can attempt a connection while my ISP watches the ...
      (microsoft.public.windows.server.sbs)
    • RE: Telnet/ftp problems SBS2000
      ... Please make sure your client computers are configured as both Firewall ... will find two options "Enable folder view for FTP sites" and "Use Passive ... that the control connection has been successfully established, ... (other than port 21) ...
      (microsoft.public.windows.server.sbs)
    • Re: Remote mvBase Access...
      ... and straightforward - requires no software installatiom on the client (it ... >>Depends on the firewall/ router, so I can't really comment specifically. ... > them through installation of VNC or similar on their machine. ... IIRC on port 5500). ...
      (comp.databases.pick)
    • Re: Telnet/ftp problems SBS2000
      ... the client became desperate so we had to find a ... the software communicates on port 308. ... So I don't really know if telnet or ftp ... the connection can be established ...
      (microsoft.public.windows.server.sbs)
    • Re: Microsoft FTP Server problem on W2K?
      ... I have technical responsibility for this FTP implementation, ... Since PASV voids PORT, the client side ... connect to the server from" isn't implied by the text of the RFC. ...
      (microsoft.public.inetserver.iis.security)