Can't open data connection with FTP over TLS
Posted: 2021-06-10 11:21
Hi there
I've using uncrypted FTP for years and now I want to switch to explicit FTP over TLS
My server version: 9.60.2 running on Windows 7
I have followed the guidelines
FTP over TLS settings:
Enable FTP over TLS support
enable Dissalow plain unencrypted FTP
I have generated a certifcate
Explicit and implicit FTP over TLS enabled
As I am behind a router: Passive mode settings:
use custom port range: 50000-51000
IP of my server: 217.109.196.XXX
When testing with https://ftptest.net:
===============================================================================================================
Status: Resolving address of 80.11.XXX.XXX
Status: Connecting to 80.11.XXX.XXX
Warning: The entered address does not resolve to an IPv6 address.
Status: Connected, waiting for welcome message...
Reply: 220-FileZilla Server 0.9.60 beta
Reply: 220 Bienvenue sur notre FTP
Command: CLNT https://ftptest.net on behalf of 217.109.196.XXX
Reply: 200 Don't care
Command: AUTH TLS
Reply: 234 Using authentication type TLS
Status: Performing TLS handshake...
Status: TLS handshake successful, verifying certificate...
Status: Received 1 certificates from server.
Status: cert[0]: subject='CN=80.11.206.22,C=FR,ST=Nouvelle Aquitaine,L=CERIZAY,O=XXXIndustrie,EMAIL=XXXXXXXXXXX' issuer='CN=80.11.206.22,C=FR,ST=Nouvelle Aquitaine,L=CERIZAY,O=XXXXXXXXX,EMAIL=XXXXXXXXXX'
Command: USER CARTOL
Reply: 331 Password required for cartol
Command: PASS ********
Reply: 230 Logged on
Command: SYST
Reply: 215 UNIX emulated by FileZilla
Command: FEAT
Reply: 211-Features:
Reply: MDTM
Reply: REST STREAM
Reply: SIZE
Reply: MLST type*;size*;modify*;
Reply: MLSD
Reply: AUTH SSL
Reply: AUTH TLS
Reply: PROT
Reply: PBSZ
Reply: UTF8
Reply: CLNT
Reply: MFMT
Reply: EPSV
Reply: EPRT
Reply: 211 End
Command: PBSZ 0
Reply: 200 PBSZ=0
Command: PROT P
Reply: 200 Protection level set to P
Command: PWD
Reply: 257 "/" is current directory.
Status: Current path is /
Command: TYPE I
Reply: 200 Type set to I
Command: PASV
Reply: 227 Entering Passive Mode (217,109,XXX,XXX,197,121)
Command: MLSD
Reply: 425 Can't open data connection for transfer of "/"
Error: Listing failed
Results
Error: Listing failed
Make sure the account has permissions to list directories.
==========================================================================
When using Filezilla Client:
Statut : Connexion à 80.11.XXX.XXX:21...
Statut : Connexion établie, attente du message d'accueil...
Réponse : 220 FTP Welcome
Commande : AUTH TLS
Réponse : 234 Using authentication type TLS
Statut : Initialisation de TLS...
Erreur : Erreur GnuTLS -15: An unexpected TLS packet was received.
Erreur : Impossible d'établir une connexion au serveur
==========================================================================
(the XXX come from me)
On my router, I made a rule, TCP protocol on port 21 goes to 192.168.XXX.XXX
thank you
I've using uncrypted FTP for years and now I want to switch to explicit FTP over TLS
My server version: 9.60.2 running on Windows 7
I have followed the guidelines
FTP over TLS settings:
Enable FTP over TLS support
enable Dissalow plain unencrypted FTP
I have generated a certifcate
Explicit and implicit FTP over TLS enabled
As I am behind a router: Passive mode settings:
use custom port range: 50000-51000
IP of my server: 217.109.196.XXX
When testing with https://ftptest.net:
===============================================================================================================
Status: Resolving address of 80.11.XXX.XXX
Status: Connecting to 80.11.XXX.XXX
Warning: The entered address does not resolve to an IPv6 address.
Status: Connected, waiting for welcome message...
Reply: 220-FileZilla Server 0.9.60 beta
Reply: 220 Bienvenue sur notre FTP
Command: CLNT https://ftptest.net on behalf of 217.109.196.XXX
Reply: 200 Don't care
Command: AUTH TLS
Reply: 234 Using authentication type TLS
Status: Performing TLS handshake...
Status: TLS handshake successful, verifying certificate...
Status: Received 1 certificates from server.
Status: cert[0]: subject='CN=80.11.206.22,C=FR,ST=Nouvelle Aquitaine,L=CERIZAY,O=XXXIndustrie,EMAIL=XXXXXXXXXXX' issuer='CN=80.11.206.22,C=FR,ST=Nouvelle Aquitaine,L=CERIZAY,O=XXXXXXXXX,EMAIL=XXXXXXXXXX'
Command: USER CARTOL
Reply: 331 Password required for cartol
Command: PASS ********
Reply: 230 Logged on
Command: SYST
Reply: 215 UNIX emulated by FileZilla
Command: FEAT
Reply: 211-Features:
Reply: MDTM
Reply: REST STREAM
Reply: SIZE
Reply: MLST type*;size*;modify*;
Reply: MLSD
Reply: AUTH SSL
Reply: AUTH TLS
Reply: PROT
Reply: PBSZ
Reply: UTF8
Reply: CLNT
Reply: MFMT
Reply: EPSV
Reply: EPRT
Reply: 211 End
Command: PBSZ 0
Reply: 200 PBSZ=0
Command: PROT P
Reply: 200 Protection level set to P
Command: PWD
Reply: 257 "/" is current directory.
Status: Current path is /
Command: TYPE I
Reply: 200 Type set to I
Command: PASV
Reply: 227 Entering Passive Mode (217,109,XXX,XXX,197,121)
Command: MLSD
Reply: 425 Can't open data connection for transfer of "/"
Error: Listing failed
Results
Error: Listing failed
Make sure the account has permissions to list directories.
==========================================================================
When using Filezilla Client:
Statut : Connexion à 80.11.XXX.XXX:21...
Statut : Connexion établie, attente du message d'accueil...
Réponse : 220 FTP Welcome
Commande : AUTH TLS
Réponse : 234 Using authentication type TLS
Statut : Initialisation de TLS...
Erreur : Erreur GnuTLS -15: An unexpected TLS packet was received.
Erreur : Impossible d'établir une connexion au serveur
==========================================================================
(the XXX come from me)
On my router, I made a rule, TCP protocol on port 21 goes to 192.168.XXX.XXX
thank you