FTP server passes test on ftptest.net...however, I cannot connect to the server
Posted: 2019-05-13 19:48
I've set up my FTP server on my server machine behind a NAT router/DSL modem combo. I have the general settings listen on port set to 50101 for the active connection. For the passive mode settings, I have input my static IP address that the router receives from the ISP and the port range is set to 50000-50101. Both I can use my local LAN IP to connect to the server from in side my local LAN. i used the http://tftptest.net and it passes, but with some warnings. I am using the "allow explicit FTP over TLS" checked and i have a local certificate that works FTP over Tls is also listening on port 990. All of the above listed ports are forwarded on the router/modem combo. Pasted below are the results from the ftptest.net test, I have removed the IPs, user/pass and city/state locations from the certificate and replaced with "x":
Warning: Selected port (50101) is not the default port (21) of the selected protocol.
Status: Resolving address of x.x.x.x
Status: Connecting to x.x.x.x
Warning: The entered address does not resolve to an IPv6 address.
Status: Connected, waiting for welcome message...
Reply: 220-Dagrin's FTP
Reply: 220-
Reply: 220 FileZilla Server 0.9.56 beta
Command: CLNT https://ftptest.net on behalf of x.x.x.x
Reply: 200 Don't care
Command: AUTH TLS
Reply: 234 Using authentication type TLS
Status: Performing TLS handshake...
Status: TLS handshake successful, verifying certificate...
Status: Received 1 certificates from server.
Status: cert[0]: subject='CN=x.x.x.x,C=US,ST=state,L=city,EMAIL=xxxx@xxxx.com' issuer='CN=x.x.x.x,C=US,ST=state,L=city,EMAIL=xxxx@xxxx.com'
Command: USER xxxx
Reply: 331 Password required for xxxx
Command: PASS xxxxxx
Reply: 230 Logged on
Command: SYST
Reply: 215 UNIX emulated by FileZilla
Command: FEAT
Reply: 211-Features:
Reply: MDTM
Reply: REST STREAM
Reply: SIZE
Reply: MLST type*;size*;modify*;
Reply: MLSD
Reply: AUTH SSL
Reply: AUTH TLS
Reply: PROT
Reply: PBSZ
Reply: UTF8
Reply: CLNT
Reply: MFMT
Reply: EPSV
Reply: EPRT
Reply: 211 End
Command: PBSZ 0
Reply: 200 PBSZ=0
Command: PROT P
Reply: 200 Protection level set to P
Command: PWD
Reply: 257 "/" is current directory.
Status: Current path is /
Command: TYPE I
Reply: 200 Type set to I
Command: PASV
Reply: 227 Entering Passive Mode (x,x,x,x,195,96)
Command: MLSD
Status: Data connection established, performing TLS handshake...
Status: TLS handshake successful, verifying certificate...
Status: Received 1 certificates from server.
Status: cert[0]: subject='CN=x.x.x.x,C=US,ST=Missouri,L=Kissee Mills,EMAIL=xxxx@xxxx.com' issuer='CN=x.x.x.x,C=US,ST=State,L=City,EMAIL=xxxxxx@xxxx.com'
Status: TLS session of transfer connection has been resumed.
Reply: 150 Opening data channel for directory listing of "/"
Reply: 226 Successfully transferred "/"
Status: Success
Results
Your server is working and assorted routers/firewalls have been correctly configured for explicit FTP over TLS as performed by this test. However there have been warnings about compatibility issues, not all users will be able to use your server.
For maximum compatibility, consider resolving these warnings.
I am not expert by any means, but I am obviously missing something. Can anyone provide any suggestions for things to try? I would be most appreciative.
Warning: Selected port (50101) is not the default port (21) of the selected protocol.
Status: Resolving address of x.x.x.x
Status: Connecting to x.x.x.x
Warning: The entered address does not resolve to an IPv6 address.
Status: Connected, waiting for welcome message...
Reply: 220-Dagrin's FTP
Reply: 220-
Reply: 220 FileZilla Server 0.9.56 beta
Command: CLNT https://ftptest.net on behalf of x.x.x.x
Reply: 200 Don't care
Command: AUTH TLS
Reply: 234 Using authentication type TLS
Status: Performing TLS handshake...
Status: TLS handshake successful, verifying certificate...
Status: Received 1 certificates from server.
Status: cert[0]: subject='CN=x.x.x.x,C=US,ST=state,L=city,EMAIL=xxxx@xxxx.com' issuer='CN=x.x.x.x,C=US,ST=state,L=city,EMAIL=xxxx@xxxx.com'
Command: USER xxxx
Reply: 331 Password required for xxxx
Command: PASS xxxxxx
Reply: 230 Logged on
Command: SYST
Reply: 215 UNIX emulated by FileZilla
Command: FEAT
Reply: 211-Features:
Reply: MDTM
Reply: REST STREAM
Reply: SIZE
Reply: MLST type*;size*;modify*;
Reply: MLSD
Reply: AUTH SSL
Reply: AUTH TLS
Reply: PROT
Reply: PBSZ
Reply: UTF8
Reply: CLNT
Reply: MFMT
Reply: EPSV
Reply: EPRT
Reply: 211 End
Command: PBSZ 0
Reply: 200 PBSZ=0
Command: PROT P
Reply: 200 Protection level set to P
Command: PWD
Reply: 257 "/" is current directory.
Status: Current path is /
Command: TYPE I
Reply: 200 Type set to I
Command: PASV
Reply: 227 Entering Passive Mode (x,x,x,x,195,96)
Command: MLSD
Status: Data connection established, performing TLS handshake...
Status: TLS handshake successful, verifying certificate...
Status: Received 1 certificates from server.
Status: cert[0]: subject='CN=x.x.x.x,C=US,ST=Missouri,L=Kissee Mills,EMAIL=xxxx@xxxx.com' issuer='CN=x.x.x.x,C=US,ST=State,L=City,EMAIL=xxxxxx@xxxx.com'
Status: TLS session of transfer connection has been resumed.
Reply: 150 Opening data channel for directory listing of "/"
Reply: 226 Successfully transferred "/"
Status: Success
Results
Your server is working and assorted routers/firewalls have been correctly configured for explicit FTP over TLS as performed by this test. However there have been warnings about compatibility issues, not all users will be able to use your server.
For maximum compatibility, consider resolving these warnings.
I am not expert by any means, but I am obviously missing something. Can anyone provide any suggestions for things to try? I would be most appreciative.