
Passive mode doesn't work locally?!

Posted: 2022-05-08 16:51
by mcsilver
I seem to have a passive mode problem, ironically, only when the client is on the same network as the server (loopback?).

To my understanding, the FZ Server Passive mode setting, Use the default host for local connections, should be checked to allow transfers to work from a client on the same network as the server. However, whether or not I check it, from a local client, I can download but I can’t upload, or delete/rename a remote file. When uploading a file, it times out and shows the following client-side error (WinSCP):

"Server sent passive reply with unroutable address 192.168.0.2, using host address instead."

(My server is on 192.168.0.2.)

On the server side, I get:

PASV
227 Entering Passive Mode (192,168,0.2,11,211)
STOR test.png
550 Couldn’t open the file or directory

If I configure the client to connect to 192.168.0.2 instead of to the domain stored in FZ Server’s passive mode host field, then everything works. Also, when the client—a laptop—is outside the network, everything works. However, I want the laptop to work whether it’s at home on the same network or not without having to change the config every time. This used to work but maybe something changed in FZ Server 1.4.1? Or maybe I don’t completely understand how to configure it now?

Thanks for any insight.

Craig
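
Added example, not part of the original post and not WinSCP's or FileZilla's code: decoding a 227 reply into the data-connection address and port, then applying the kind of substitution the client message above describes. The substitution policy, the function names and the sample control-connection addresses are assumptions made for illustration.

```python
import ipaddress
import re

# RFC 959 PASV reply payload: h1,h2,h3,h4,p1,p2 (six decimal fields, commas only).
_PASV_RE = re.compile(r"\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)")

# Addresses a client outside the LAN could never reach (RFC 1918, loopback, link-local).
UNROUTABLE = [ipaddress.ip_network(n) for n in
              ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
               "127.0.0.0/8", "169.254.0.0/16")]

def is_unroutable(addr):
    return any(addr in net for net in UNROUTABLE)

def parse_pasv(reply):
    """Return (IPv4Address, port) from a '227 Entering Passive Mode (...)' line."""
    if not reply.startswith("227"):
        raise ValueError("not a 227 reply")
    m = _PASV_RE.search(reply)
    if m is None:
        raise ValueError("malformed host/port tuple")
    fields = [int(x) for x in m.groups()]
    if any(f > 255 for f in fields):
        raise ValueError("field out of range")
    ip = ipaddress.IPv4Address(".".join(str(f) for f in fields[:4]))
    return ip, fields[4] * 256 + fields[5]   # port = p1 * 256 + p2

def data_endpoint(reply, control_peer):
    """Choose where to open the data connection: (host, port, substituted).

    Assumed policy: if the advertised address is unroutable but the control
    connection went to a routable one, reuse the control peer instead.
    """
    ip, port = parse_pasv(reply)
    peer = ipaddress.ip_address(control_peer)
    substituted = is_unroutable(ip) and not is_unroutable(peer)
    return str(peer if substituted else ip), port, substituted

# Constructed sample reply; 203.0.113.10 is a documentation address standing
# in for the public IP that the domain name resolves to.
REPLY = "227 Entering Passive Mode (192,168,0,2,11,211)"

if __name__ == "__main__":
    print(data_endpoint(REPLY, "203.0.113.10"))  # connected via the public name
    print(data_endpoint(REPLY, "192.168.0.2"))   # connected via the LAN address
```

The data channel in FTP over TLS is negotiated inside the encrypted control channel, so only the client can apply this kind of correction; a NAT device in the path cannot read or rewrite the 227 reply.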

Re: Passive mode doesn't work locally?!

Posted: 2022-05-08 19:36
by boco
No, it didn't. Your domain name resolves to your public IP, and that means the server will see you as being a client from the outside. The checkbox doesn't apply here. If you connect from the inside LAN, you have to use the server's local IP (or name) as Host.
If it worked in the past, it did because you used a plain FTP connection and the router switched IPs on the fly. Now, connections are nearly always FTP over TLS, which is end-to-end encrypted. Welcome to the world of NAT.

Running a local DNS resolver in your LAN would be one way to solve this. That resolver would have to be configured for hard-resolving to the LAN IP of the server, so inside connections work.
Outside, that DNS would not be available and the system shall fall back to an alternate (or the default) DNS that returns the public IP.
There are also tools able to change your network profile depending on where you are.

Personally, I'm using two domain names: one real and one bogon (returning the LAN IP). Easier to configure, but needs two separate entries in the client.

Re: Passive mode doesn't work locally?!

Posted: 2022-05-09 04:57
by mcsilver
Thank you for the reply. In the past, it somehow worked with FTP over TLS without requiring a local DNS entry, and no changes to the NAT (a pfSense firewall).

Perhaps the simplest solution is a second client entry.

Re: Passive mode doesn't work locally?!

Posted: 2022-05-09 09:40
by oibaf
We discussed this, and it looks like you're having two unrelated issues here.

The first one is that even though you're connecting through the external address, the server sees the connection coming from the internal address. This probably means that the device that is acting as a router translates the external address into the internal one. The client sees this, as per the log message you've shown, but still goes on using the external address. The fact that downloading works shows that passive mode itself is working, even with this "issue".

The fact you can't upload is unrelated to the passive mode: the server responds with an error message when the STOR command is issued.

To sort this one out, we'd need to know the following things:

1) The version of FileZilla Server that you say was working for you.
2) The complete log of the server, in debug mode.

Re: Passive mode doesn't work locally?!

Posted: 2022-05-10 12:59
by maru
Hello, Mr. mcsilver.

Do FileZilla Server's settings and the Windows firewall open a wide enough port range for Passive Mode?
In my experience, if I use FTP software other than FileZilla Client on the local network (especially when many files are handled) and if the TCP port range for passive mode is narrow, it seems that errors are likely to occur.

Please see the topics below.

viewtopic.php?f=6&t=54304

Please forgive me if it is not helpful.
Also, please forgive me if it is not related to this topic.