Permission Denied

[BigDingus]

Hi all.
I have a securty that I'm trying to setup Filezilla Server for.
When I try to send an image file I get 550 Permission denied.

FTP Server it set to Port 21 Explicit over TLS and insecure plain FTP
Passive mode is custom port rang as suggested by FZ
I have no entries in filters, but have tried my own IP
Admin on 14148 with a password and port 21
Groups on VP: /LodgeFTP Native: D:\LodgeFTP with Rad + write and Apply and writable clicked.
Users System user: Enabled Use system credentials to log in. Use system also for files and directory. LodgeGroup. VP: /LodgeFTP Native: D:\LodgeFTP with Rad + write and Apply and writable clicked
Lodge user enabled. require a password to log in. VP: /LodgeFTP Native: D:\LodgeFTP with Rad + write and Apply and writable clicked
Logging enabled (See below)
No encryption.

I'm very much an amatuer with this, but I'm sure I'm being stopped from writting a file or new directory.
The coudn't bind bit is beyond me.
You experts will know I have no doubt.

Log file:
2022-04-25T12:40:12.545Z == ===== New logging started =====
2022-04-25T12:40:12.546Z == Setting up TLS for the FTP Server
2022-04-25T12:40:12.546Z == SHA1 certificate fingerprint: 56:dc:22:25:3a:38:6b:22:44:11:b3:47:62:8a:68:eb:6c:97:1a:64
2022-04-25T12:40:12.546Z == SHA256 certificate fingerprint: 9a:17:92:3f:d2:33:7a:ac:c0:aa:a7:b9:ad:d5:6a:aa:49:d7:7d:0f:2d:06:95:58:11:bc:18:e6:db:f5:bd:a8
2022-04-25T12:40:12.546Z == Setting up TLS for the Administration Server
2022-04-25T12:40:12.547Z == SHA1 certificate fingerprint: 43:f2:b0:4d:a0:f2:93:f3:42:5f:8f:15:13:81:b5:07:fa:ef:27:32
2022-04-25T12:40:12.547Z == SHA256 certificate fingerprint: f9:77:fe:51:85:1a:21:57:db:be:d9:54:a9:43:dd:80:eb:cf:99:63:50:55:c4:6f:6e:21:90:82:f1:f7:12:03
2022-04-25T12:40:12.550Z == [FTP Server] Listening on 152.251.1.202:21 (tls_mode = 0).
2022-04-25T12:40:12.550Z == [Administration Server] Listening on 127.0.0.1:14148 (tls_mode = 1).
2022-04-25T12:40:12.550Z !! [Administration Server] Couldn't bind on 152.251.1.202:21. Reason: EADDRINUSE - Local address in use. Retrying in 1 seconds.
2022-04-25T12:40:12.550Z == [Administration Server] Listening on ::1:14148 (tls_mode = 1).
2022-04-25T12:40:13.556Z !! [Administration Server] Couldn't bind on 152.251.1.202:21. Reason: EADDRINUSE - Local address in use. Retrying in 1 seconds.
2022-04-25T12:40:14.395Z == [Administration Server] Administration client with ID 1 connected from 127.0.0.1:61826.
2022-04-25T12:40:14.566Z !! [Administration Server] Couldn't bind on 152.251.1.202:21. Reason: EADDRINUSE - Local address in use. Retrying in 1 seconds.
2022-04-25T12:40:15.579Z !! [Administration Server] Couldn't bind on 152.251.1.202:21. Reason: EADDRINUSE - Local address in use. Retrying in 1 seconds.
2022-04-25T12:40:16.582Z !! [Administration Server] Couldn't bind on 152.251.1.202:21. Reason: EADDRINUSE - Local address in use. Retrying in 1 seconds.
2022-04-25T12:40:17.597Z !! [Administration Server] Couldn't bind on 152.251.1.202:21. Reason: EADDRINUSE - Local address in use. Retrying in 1 seconds.
2022-04-25T12:40:18.601Z !! [Administration Server] Couldn't bind on 152.251.1.202:21. Reason: EADDRINUSE - Local address in use. Retrying in 1 seconds.
2022-04-25T12:40:19.603Z !! [Administration Server] Couldn't bind on 152.251.1.202:21. Reason: EADDRINUSE - Local address in use. Retrying in 1 seconds.
2022-04-25T12:40:20.616Z !! [Administration Server] Couldn't bind on 152.251.1.202:21. Reason: EADDRINUSE - Local address in use. Retrying in 1 seconds.
2022-04-25T12:40:21.631Z !! [Administration Server] Couldn't bind on 152.251.1.202:21. Reason: EADDRINUSE - Local address in use. Retrying in 1 seconds.
2022-04-25T12:40:22.633Z !! [Administration Server] Couldn't bind on 152.251.1.202:21. Reason: EADDRINUSE - Local address in use. Retrying in 1 seconds.
2022-04-25T12:40:23.638Z !! [Administration Server] Couldn't bind on 152.251.1.202:21. Reason: EADDRINUSE - Local address in use. Retrying in 1 seconds.
2022-04-25T12:40:24.641Z !! [Administration Server] Couldn't bind on 152.251.1.202:21. Reason: EADDRINUSE - Local address in use. Retrying in 1 seconds.
2022-04-25T12:40:25.642Z !! [Administration Server] Couldn't bind on 152.251.1.202:21. Reason: EADDRINUSE - Local address in use. Retrying in 1 seconds.
2022-04-25T12:40:26.646Z !! [Administration Server] Couldn't bind on 152.251.1.202:21. Reason: EADDRINUSE - Local address in use. Retrying in 1 seconds.
2022-04-25T12:40:27.649Z !! [Administration Server] Couldn't bind on 152.251.1.202:21. Reason: EADDRINUSE - Local address in use. Retrying in 1 seconds.
2022-04-25T12:40:28.663Z !! [Administration Server] Couldn't bind on 152.251.1.202:21. Reason: EADDRINUSE - Local address in use. Retrying in 1 seconds.
2022-04-25T12:40:29.665Z !! [Administration Server] Couldn't bind on 152.251.1.202:21. Reason: EADDRINUSE - Local address in use. Retrying in 1 seconds.
2022-04-25T12:40:30.668Z !! [Administration Server] Couldn't bind on 152.251.1.202:21. Reason: EADDRINUSE - Local address in use. Retrying in 1 seconds.
2022-04-25T12:40:31.671Z !! [Administration Server] Couldn't bind on 152.251.1.202:21. Reason: EADDRINUSE - Local address in use. Retrying in 1 seconds.
2022-04-25T12:40:32.674Z !! [Administration Server] Couldn't bind on 152.251.1.202:21. Reason: EADDRINUSE - Local address in use. Retrying in 1 seconds.
2022-04-25T12:40:33.677Z !! [Administration Server] Couldn't bind on 152.251.1.202:21. Reason: EADDRINUSE - Local address in use. Retrying in 1 seconds.
2022-04-25T12:40:34.677Z !! [Administration Server] Couldn't bind on 152.251.1.202:21. Reason: EADDRINUSE - Local address in use. Retrying in 1 seconds.
2022-04-25T12:40:35.677Z !! [Administration Server] Couldn't bind on 152.251.1.202:21. Reason: EADDRINUSE - Local address in use. Retrying in 1 seconds.
2022-04-25T12:40:36.677Z !! [Administration Server] Couldn't bind on 152.251.1.202:21. Reason: EADDRINUSE - Local address in use. Retrying in 1 seconds.
2022-04-25T12:40:37.679Z !! [Administration Server] Couldn't bind on 152.251.1.202:21. Reason: EADDRINUSE - Local address in use. Retrying in 1 seconds.
2022-04-25T12:40:38.680Z !! [Administration Server] Couldn't bind on 152.251.1.202:21. Reason: EADDRINUSE - Local address in use. Retrying in 1 seconds.
2022-04-25T12:40:39.477Z >> [FTP Session 1 82.40.52.30] USER Lodge
2022-04-25T12:40:39.477Z << [FTP Session 1 82.40.52.30] 331 Please, specify the password.
2022-04-25T12:40:39.480Z >> [FTP Session 1 82.40.52.30] PASS ****
2022-04-25T12:40:39.537Z << [FTP Session 1 82.40.52.30 Lodge] 230 Login successful.
2022-04-25T12:40:39.550Z >> [FTP Session 1 82.40.52.30 Lodge] TYPE I
2022-04-25T12:40:39.550Z << [FTP Session 1 82.40.52.30 Lodge] 200 Type set to I
2022-04-25T12:40:39.553Z >> [FTP Session 1 82.40.52.30 Lodge] CWD /D/Lodgeftp//20220425/images/
2022-04-25T12:40:39.553Z << [FTP Session 1 82.40.52.30 Lodge] 550 Permission denied
2022-04-25T12:40:39.558Z >> [FTP Session 1 82.40.52.30 Lodge] XMKD /D
2022-04-25T12:40:39.558Z << [FTP Session 1 82.40.52.30 Lodge] 550 Permission denied
2022-04-25T12:40:39.561Z >> [FTP Session 1 82.40.52.30 Lodge] XMKD /D/Lodgeftp
2022-04-25T12:40:39.561Z << [FTP Session 1 82.40.52.30 Lodge] 550 Permission denied
2022-04-25T12:40:39.564Z >> [FTP Session 1 82.40.52.30 Lodge] XMKD /D/Lodgeftp/
2022-04-25T12:40:39.564Z << [FTP Session 1 82.40.52.30 Lodge] 550 Permission denied
2022-04-25T12:40:39.570Z >> [FTP Session 1 82.40.52.30 Lodge] XMKD /D/Lodgeftp//20220425
2022-04-25T12:40:39.570Z << [FTP Session 1 82.40.52.30 Lodge] 550 Permission denied
2022-04-25T12:40:39.575Z >> [FTP Session 1 82.40.52.30 Lodge] XMKD /D/Lodgeftp//20220425/images
2022-04-25T12:40:39.575Z << [FTP Session 1 82.40.52.30 Lodge] 550 Permission denied
2022-04-25T12:40:39.581Z >> [FTP Session 1 82.40.52.30 Lodge] CWD /D/Lodgeftp//20220425/images/
2022-04-25T12:40:39.581Z << [FTP Session 1 82.40.52.30 Lodge] 550 Permission denied
2022-04-25T12:40:39.584Z >> [FTP Session 1 82.40.52.30 Lodge] QUIT
2022-04-25T12:40:39.584Z << [FTP Session 1 82.40.52.30 Lodge] 200 Goodbye.
2022-04-25T12:40:39.691Z !! [Administration Server] Couldn't bind on 152.251.1.202:21. Reason: EADDRINUSE - Local address in use. Retrying in 1 seconds.
2022-04-25T12:40:40.700Z !! [Administration Server] Couldn't bind on 152.251.1.202:21. Reason: EADDRINUSE - Local address in use. Retrying in 1 seconds.
2022-04-25T12:40:41.705Z !! [Administration Server] Couldn't bind on 152.251.1.202:21. Reason: EADDRINUSE - Local address in use. Retrying in 1 seconds.

[BigDingus]

I forgot to say, I've tried with my firewall off and on.
With on I've tried enabling ports 21-21,50000-65000.
I have an Netgear Orbirouter that I'm assured doesn't have NAT in it.

[botg]

2022-04-25T12:40:39.553Z >> [FTP Session 1 82.40.52.30 Lodge] CWD /D/Lodgeftp//20220425/images/

Check your mount points, they don't cover this directory.

2022-04-25T12:40:12.550Z == [FTP Server] Listening on 152.251.1.202:21 (tls_mode = 0).
2022-04-25T12:40:12.550Z !! [Administration Server] Couldn't bind on 152.251.1.202:21. Reason: EADDRINUSE - Local address in use. Retrying in 1 seconds.

Don't listen for multiple protocols on the same port, that just cannot work. Note that port 21 is reserved for FTP, don't use it for other protocols such as the administration protocol.

[BigDingus]

Thanks Tim.
I've changed the Admin port which got rid of that issue.
However I still can't get XMKD or CWD /D/Lodgeftp//20220426/images.
Constant Permission denied.
I tried making the directory manually but no luck.

Log:
2022-04-26T10:26:17.294Z == ===== New logging started =====
2022-04-26T10:26:17.299Z == Setting up TLS for the FTP Server
2022-04-26T10:26:17.299Z == SHA1 certificate fingerprint: 56:dc:22:25:3a:38:6b:22:44:11:b3:47:62:8a:68:eb:6c:97:1a:64
2022-04-26T10:26:17.299Z == SHA256 certificate fingerprint: 9a:17:92:3f:d2:33:7a:ac:c0:aa:a7:b9:ad:d5:6a:aa:49:d7:7d:0f:2d:06:95:58:11:bc:18:e6:db:f5:bd:a8
2022-04-26T10:26:17.299Z == Setting up TLS for the Administration Server
2022-04-26T10:26:17.299Z == SHA1 certificate fingerprint: 43:f2:b0:4d:a0:f2:93:f3:42:5f:8f:15:13:81:b5:07:fa:ef:27:32
2022-04-26T10:26:17.299Z == SHA256 certificate fingerprint: f9:77:fe:51:85:1a:21:57:db:be:d9:54:a9:43:dd:80:eb:cf:99:63:50:55:c4:6f:6e:21:90:82:f1:f7:12:03
2022-04-26T10:26:17.299Z == [FTP Server] Listening on 152.251.1.202:21 (tls_mode = 0).
2022-04-26T10:26:17.299Z == [Administration Server] Listening on 127.0.0.1:14148 (tls_mode = 1).
2022-04-26T10:26:17.299Z == [Administration Server] Listening on 152.251.1.202:25 (tls_mode = 1).
2022-04-26T10:26:17.299Z == [Administration Server] Listening on ::1:14148 (tls_mode = 1).
2022-04-26T10:26:28.349Z == [Administration Server] Administration client with ID 1 connected from 127.0.0.1:64824.
2022-04-26T10:26:36.659Z >> [FTP Session 1 82.40.52.30] USER Lodge
2022-04-26T10:26:36.659Z << [FTP Session 1 82.40.52.30] 331 Please, specify the password.
2022-04-26T10:26:36.679Z >> [FTP Session 1 82.40.52.30] PASS ****
2022-04-26T10:26:36.679Z << [FTP Session 1 82.40.52.30 Lodge] 230 Login successful.
2022-04-26T10:26:36.699Z >> [FTP Session 1 82.40.52.30 Lodge] TYPE I
2022-04-26T10:26:36.699Z << [FTP Session 1 82.40.52.30 Lodge] 200 Type set to I
2022-04-26T10:26:36.715Z >> [FTP Session 1 82.40.52.30 Lodge] CWD /D/Lodgeftp//20220426/images/
2022-04-26T10:26:36.715Z << [FTP Session 1 82.40.52.30 Lodge] 550 Permission denied
2022-04-26T10:26:36.739Z >> [FTP Session 1 82.40.52.30 Lodge] XMKD /D
2022-04-26T10:26:36.739Z << [FTP Session 1 82.40.52.30 Lodge] 550 Permission denied
2022-04-26T10:26:36.756Z >> [FTP Session 1 82.40.52.30 Lodge] XMKD /D/Lodgeftp
2022-04-26T10:26:36.756Z << [FTP Session 1 82.40.52.30 Lodge] 550 Permission denied
2022-04-26T10:26:36.777Z >> [FTP Session 1 82.40.52.30 Lodge] XMKD /D/Lodgeftp/
2022-04-26T10:26:36.777Z << [FTP Session 1 82.40.52.30 Lodge] 550 Permission denied
2022-04-26T10:26:36.797Z >> [FTP Session 1 82.40.52.30 Lodge] XMKD /D/Lodgeftp//20220426
2022-04-26T10:26:36.797Z << [FTP Session 1 82.40.52.30 Lodge] 550 Permission denied
2022-04-26T10:26:36.817Z >> [FTP Session 1 82.40.52.30 Lodge] XMKD /D/Lodgeftp//20220426/images
2022-04-26T10:26:36.817Z << [FTP Session 1 82.40.52.30 Lodge] 550 Permission denied
2022-04-26T10:26:36.837Z >> [FTP Session 1 82.40.52.30 Lodge] CWD /D/Lodgeftp//20220426/images/
2022-04-26T10:26:36.837Z << [FTP Session 1 82.40.52.30 Lodge] 550 Permission denied
2022-04-26T10:26:36.857Z >> [FTP Session 1 82.40.52.30 Lodge] QUIT
2022-04-26T10:26:36.857Z << [FTP Session 1 82.40.52.30 Lodge] 200 Goodbye.
2022-04-26T10:26:44.119Z == [Administration Server] Administration client with ID 1 disconnected without error.

[oibaf]

The log shows you're trying to access /D/Lodgeftp/, but the closest you you have in your mountlist is "/Lodgeftp", without "/D". If you want the "/D", you need to include that in the virtual path too.

[BigDingus]

Thanks Fabio. I'll give that a try. I may have tried that before.

[BigDingus]

Fabio that was all it was.
Thanks you for helping

[CrimpOn]

I forgot to say, I've tried with my firewall off and on.
With on I've tried enabling ports 21-21,50000-65000.
I have an Netgear Orbirouter that I'm assured doesn't have NAT in it.

This is definitely not correct. ALL consumer routers use Network Address Translation (NAT) to allow devices behind the router to appear to have one public IP address.
Netgear Orbi routers are no different.
(Please note: this has nothing to do with the solution which has been discovered. Just being a bit OCD.)

[botg]

@CrimpOn: Wait until you hear about bridge mode, it will blow your mind! Good routers can also handle multiple public IP addresses.

A more correct statement thus is: Virtually all consumer routers are able to use NAT.

[boco]

Routers are just one type of gateway device. Gateways are needed for connecting two otherwise incompatible networks or network segments. This is done by doing some form of translation. One of the most used translation methods is Network/Port Address Translation (NAT/PAT, symmetrical or cone), but there are others. Consumer routers usually do one-to-many NAT, using one public address (and/or one prefix in case of IPv6) only.
A router in Bridge mode is not a router/gateway anymore, but a simple modem. You still need a gateway device if you have multiple machines (except in IPv6-only mode).

[botg]

It gets muddy, where does the switch end and the router start? The smartest switch vs. the dumbest router, it's like arguing about the largest dwarf and the smallest giant.

[boco]

Yeah it's not so easy anymore. I have managed switches able to act as a gateway (VLAN) and setting priorities. And then, we have routers on the market which cannot even port-forward.