Page 2 of 2

Re: GnuTLS error -110 in gnutls_record_recv: The TLS Connection was non-properly terminated

Posted: 2022-06-29 07:17
by tchicken
Thank you Boco,

This configuration works well in 'Passive' mode.
Why can't I use the default port?

Re: GnuTLS error -110 in gnutls_record_recv: The TLS Connection was non-properly terminated

Posted: 2022-06-29 13:01
by boco
You can use the default listening port. The custom port range is something different and dedicated to data connections (listings and transfers).

1. The data port range must be forwarded to the sever machine in the router, so, incoming connections on any of these ports will reach your server.
2. You must configure that port range in FileZilla Server, so it can propose these ports to the client in the PASV or EPSV reply. Otherwise, it would just propose random ports all over, many of them outside your range.

Malicious routers may make it appear to work without any configuration, but only on the default listening port and only for unencrypted connections.

Our Network Configuration guide has all these information and more.

Re: GnuTLS error -110 in gnutls_record_recv: The TLS Connection was non-properly terminated

Posted: 2022-06-29 16:48
by tchicken
A big thank you to everyone.

Re: GnuTLS error -110 in gnutls_record_recv: The TLS Connection was non-properly terminated

Posted: 2022-06-30 15:20
by tchicken
One last question, if I try to download a file by connecting with a DNS name pointing to my external IP and I'm behind the same NAT server as the FileZilla server, I get the following errors :

On client :
Statut : Résolution de l’adresse de
Statut : Connexion à…
Statut : Connexion établie, attente du message d’accueil…
Statut : Initialisation de TLS…
Statut : Connexion TLS établie.
Statut : Connecté
Statut : Récupération du contenu du dossier…
Statut : Le serveur a envoyé une réponse passive avec une adresse non routable. Adresse remplacée par celle du serveur.
Commande : MLSD
Réponse : 150 About to start data transfer.
Erreur : Les données de connexion ne peuvent pas être établies : ECONNREFUSED - Connexion refusée par le serveur
Erreur : Connection interrompue après 20 secondes d’inactivité
Erreur : Impossible de récupérer le contenu du dossier

On Server :
<Date> Info [Type] Message
<30/06/2022 17:12:04> FTP Session 547 [Command] AUTH TLS
<30/06/2022 17:12:04> FTP Session 547 [Response] 234 Using authentication type TLS.
<30/06/2022 17:12:04> FTP Session 547 [Command] USER genturfevo
<30/06/2022 17:12:04> FTP Session 547 [Response] 331 Please, specify the password.
<30/06/2022 17:12:04> FTP Session 547 [Command] PASS ****
<30/06/2022 17:12:04> FTP Session 547 genturfevo [Response] 230 Login successful.
<30/06/2022 17:12:04> FTP Session 547 genturfevo [Command] PWD
<30/06/2022 17:12:04> FTP Session 547 genturfevo [Response] 257 "/" is current directory.
<30/06/2022 17:12:04> FTP Session 547 genturfevo [Command] TYPE I
<30/06/2022 17:12:04> FTP Session 547 genturfevo [Response] 200 Type set to I
<30/06/2022 17:12:04> FTP Session 547 genturfevo [Command] PASV
<30/06/2022 17:12:04> FTP Session 547 genturfevo [Response] 227 Entering Passive Mode (192,168,1,112,203,49)
<30/06/2022 17:12:04> FTP Session 547 genturfevo [Command] MLSD
<30/06/2022 17:12:04> FTP Session 547 genturfevo [Response] 150 About to start data transfer.
<30/06/2022 17:12:24> FTP Session 547 genturfevo [Error] GnuTLS error -110 in gnutls_record_recv: The TLS connection was non-properly terminated.
<30/06/2022 17:12:24> FTP Session 547 genturfevo [Status] Client did not properly shut down TLS connection
<30/06/2022 17:12:24> FTP Session 547 genturfevo [Error] Control channel closed with error from source 0. Reason: ECONNABORTED - Connection aborted.

If I do the same with the internal IP, it works !

Can you tell me how why this error and how to fix it please ?

Re: GnuTLS error -110 in gnutls_record_recv: The TLS Connection was non-properly terminated

Posted: 2022-06-30 16:38
by botg
From within your NAT you need to use private IP address. Consumer grade routers do not properly handle internal traffic directed at their public IP.

If you absolutely must use the same hostname from both internal and external access, employ split-brain DNS.

Re: GnuTLS error -110 in gnutls_record_recv: The TLS Connection was non-properly terminated

Posted: 2022-06-30 20:12
by tchicken
I don't have a DNS server, is there another solution ?

At worst, I'll handle this in my application !

What is weird is that the FTP server responds correctly, but does not allow the download, is it possible to find the information in the server's response ?

Re: GnuTLS error -110 in gnutls_record_recv: The TLS Connection was non-properly terminated

Posted: 2022-06-30 21:29
by botg
Look more closely. You connect to the server via a routable address, yet what you see on the server is an unroutable address. This means your el-cheapo NAT router has failed to transform the source address.

As for DNS server, you definitely have at least one. It's the authoritative DNS server for the hostname you are using.

Re: GnuTLS error -110 in gnutls_record_recv: The TLS Connection was non-properly terminated

Posted: 2022-07-01 04:41
by tchicken
I use, but I don't quite understand the manipulation to be performed, network management is not my specialty as you have seen ;)

I can't find anything in my DNS provider's help regarding split-brain.

I've find this for Windows serveur : ... ws-server/, I try ...

Initially, the Add-DnsServerZoneScope command is not recognized on my server, Should I import a particular package in your opinion ?

Do I need to install the DNS Server function ?

Re: GnuTLS error -110 in gnutls_record_recv: The TLS Connection was non-properly terminated

Posted: 2022-07-01 05:46
by tchicken
I installed the DNS server function, but I have the following error :

PS C:\Users\Administrateur> Add-DnsServerZoneScope -ZoneName "" -Name "LAN"
Add-DnsServerZoneScope : La zone est introuvable sur le serveur PRESLES.
Au caractère Ligne:1 : 1
+ Add-DnsServerZoneScope -ZoneName "" -Name "LAN"
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: ( [Add-DnsServerZon
eScope], CimException
+ FullyQualifiedErrorId : WIN32 9601,Add-DnsServerZoneScope

I have no idea how a DNS server works :(

I'll have to keep looking, I'll let you know...

Re: GnuTLS error -110 in gnutls_record_recv: The TLS Connection was non-properly terminated

Posted: 2022-07-01 06:47
by tchicken
I have already created this
dns.jpg (182.78 KiB) Viewed 3984 times