Come here to discuss FileZilla and FTP in general
Moderator: Project members
-
dryuk94
- 504 Command not implemented
- Posts: 6
- Joined: 2020-01-10 15:42
- First name: Davide
- Last name: Russo
#1
Post
by dryuk94 » 2020-01-14 11:13
Code: Select all
Status: Connecting to 3x.xxx.xxx.91:21...
Status: Connection established, waiting for welcome message...
Status: Initializing TLS...
Status: Verifying certificate...
Status: TLS connection established.
Status: Logged in
Status: Retrieving directory listing...
Status: Server sent passive reply with unroutable address. Using server address instead.
Command: MLSD
Error: GnuTLS error -15: An unexpected TLS packet was received.
Error: The data connection could not be established: ECONNABORTED - Connection aborted
Hello everyone!
Let me explain the problem: I have a Western Digital NAS where I have activated the FTP protocol. If I use a plain TLS connection (without explicit and implicit TLS) I can connect to the server both locally (192.168.1.5) and remotely (3x.xxx.xxx.91). The moment I activate explicit TLS, it connects without problems locally, while remotely I have this error. Attached I also entered the settings of the NAS of the WD and the ports open in the modem. What could be the problem?
-
Attachments
-
- Modem Setting.PNG (15.04 KiB) Viewed 27570 times
-
- NAS Setting-4.PNG (30.37 KiB) Viewed 27570 times
-
- NAS Setting-3.PNG (25.24 KiB) Viewed 27570 times
-
- NAS Setting-2.PNG (22.82 KiB) Viewed 27570 times
-
- NAS Setting-1.PNG (21.92 KiB) Viewed 27570 times
Last edited by
dryuk94 on 2020-01-15 17:48, edited 4 times in total.
-
boco
- Contributor
- Posts: 26935
- Joined: 2006-05-01 03:28
- Location: Germany
#2
Post
by boco » 2020-01-14 11:56
Does it work if you select the "Report external IP in PASV mode?
Did you configure the router correctly?
Network Configuration
-
dryuk94
- 504 Command not implemented
- Posts: 6
- Joined: 2020-01-10 15:42
- First name: Davide
- Last name: Russo
#3
Post
by dryuk94 » 2020-01-14 13:05
boco wrote: ↑2020-01-14 11:56
Does it work if you select the "Report external IP in PASV mode?
Did you configure the router correctly?
Network Configuration
I have selected the "Report external IP in PASV mode" and entered as the IP address "3x.xxx.xxx.91" (the public IPv4 address of the router). This is the result:
Code: Select all
Status: Connecting to 3x.xxx.xxx.91:21...
Status: Connection established, waiting for welcome message...
Status: Initializing TLS...
Status: Verifying certificate...
Status: TLS connection established.
Status: Server does not support non-ASCII characters.
Status: Logged in
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is your current location
Command: TYPE I
Response: 200 TYPE is now 8-bit binary
Command: PASV
Response: 227 Entering Passive Mode (3x,xxx,xxx,91,234,34)
Command: MLSD
Error: GnuTLS error -15: An unexpected TLS packet was received.
Error: The data connection could not be established: ECONNABORTED - Connection aborted
Attached I enter the settings of the router, NAS and FileZilla Client.
-
Attachments
-
- FileZilla-3.PNG (6.86 KiB) Viewed 27558 times
-
- FileZilla-1.PNG (13.51 KiB) Viewed 27558 times
-
- NAS Settings.PNG (54.45 KiB) Viewed 27558 times
-
- Modem Setting-6.PNG (16.93 KiB) Viewed 27558 times
-
- Modem Setting-5.PNG (40.89 KiB) Viewed 27558 times
-
- Modem Setting-4.PNG (23.04 KiB) Viewed 27558 times
-
- Modem Setting-3.PNG (62.58 KiB) Viewed 27558 times
-
- Modem Setting-2.PNG (43.29 KiB) Viewed 27558 times
-
- Modem Setting-1.PNG (41.94 KiB) Viewed 27558 times
-
boco
- Contributor
- Posts: 26935
- Joined: 2006-05-01 03:28
- Location: Germany
#4
Post
by boco » 2020-01-14 14:17
The bottom port forwarding in your router is wrong (the 49153-65534).
"Public door" 49153-65534 is correct, but the local port isn't. If you cannot enter the same port range as in "Public door", but only a single port, enter the first port of the range (49153) and the router will figure out the rest.
Test again. Note that we have a test facility:
https://ftptest.net
-
dryuk94
- 504 Command not implemented
- Posts: 6
- Joined: 2020-01-10 15:42
- First name: Davide
- Last name: Russo
#5
Post
by dryuk94 » 2020-01-14 14:34
boco wrote: ↑2020-01-14 14:17
The bottom port forwarding in your router is wrong (the 49153-65534).
"Public door" 49153-65534 is correct, but the local port isn't. If you cannot enter the same port range as in "Public door", but only a single port, enter the first port of the range (49153) and the router will figure out the rest.
Test again. Note that we have a test facility:
https://ftptest.net
I changed the port setting:
- local port 49153
- public door 49153-65534
Now I have this error:
Code: Select all
Status: Connecting to 3x.xxx.xxx.91:21...
Status: Connection established, waiting for welcome message...
Status: Initializing TLS...
Status: Verifying certificate...
Status: TLS connection established.
Status: Server does not support non-ASCII characters.
Status: Logged in
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is your current location
Command: TYPE I
Response: 200 TYPE is now 8-bit binary
Command: PASV
Response: 227 Entering Passive Mode (3x,xxx,xxx,91,213,167)
Command: MLSD
Error: The data connection could not be established: ECONNREFUSED - Connection refused by server
Instead from the test facility
https://ftptest.net:
Code: Select all
Status: Resolving address of 3x.xxx.xxx.91
Status: Connecting to 3x.xxx.xxx.91
Warning: The entered address does not resolve to an IPv6 address.
Status: Connected, waiting for welcome message...
Reply: 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
Reply: 220-You are user number 3 of 10 allowed.
Reply: 220-Local time is now 15:27. Server port: 21.
Reply: 220-IPv6 connections are also welcome on this server.
Reply: 220 You will be disconnected after 10 minutes of inactivity.
Command: CLNT https://ftptest.net on behalf of 3x.xxx.xxx.91
Reply: 530 You aren't logged in
Command: AUTH TLS
Reply: 234 AUTH TLS OK.
Status: Performing TLS handshake...
Status: TLS handshake successful, verifying certificate...
Status: Received 1 certificates from server.
Status: cert[0]: subject='CN=192.168.1.5' issuer='CN=192.168.1.5'
Command: USER xxxx
Reply: 331 User xxxx OK. Password required
Command: PASS ***********
Reply: 230 OK. Current restricted directory is /
Command: SYST
Reply: 215 UNIX Type: L8
Command: FEAT
Reply: 211-Extensions supported:
Reply: EPRT
Reply: IDLE
Reply: MDTM
Reply: SIZE
Reply: REST STREAM
Reply: MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
Reply: MLSD
Reply: ESTP
Reply: PASV
Reply: EPSV
Reply: SPSV
Reply: ESTA
Reply: AUTH TLS
Reply: PBSZ
Error: Carriage return without line feed received
Results
Error: Carriage return without line feed received
- The replies sent by your server are violating the FTP specifications.
- You have to upgrade to a proper server.
-
dryuk94
- 504 Command not implemented
- Posts: 6
- Joined: 2020-01-10 15:42
- First name: Davide
- Last name: Russo
#6
Post
by dryuk94 » 2020-01-15 11:45
I tried using Cyberduck instead of FileZilla, and was able to connect remotely with Active mode. But I can't download the files. The moment I try to download a file it gives me an error: 500 - I won't opean a connection to xxx.xxx.xx.xxx (only to 3x.xxx.xxx.91). Why does Cyberduck connect, instead FileZilla doesn't? I can only see the folders and files, but I can't download them(remotely).
-
dryuk94
- 504 Command not implemented
- Posts: 6
- Joined: 2020-01-10 15:42
- First name: Davide
- Last name: Russo
#7
Post
by dryuk94 » 2020-01-15 16:15
I decreased the public port range to 65523-65534. Now I can access the folders remotely from FileZilla, but as soon as I try to download a file it gives me this error:
Code: Select all
Status: Connecting to 3x.xxx.xxx.91:21...
Status: Connection established, waiting for welcome message...
Status: Initializing TLS...
Status: Verifying certificate...
Status: TLS connection established.
Status: Server does not support non-ASCII characters.
Status: Logged in
Status: Retrieving directory listing...
Status: Directory listing of "/" successful
Status: Disconnected from server
Status: Connecting to 3x.xxx.xxx.91:21...
Status: Connection established, waiting for welcome message...
Status: Initializing TLS...
Status: Verifying certificate...
Status: TLS connection established.
Status: Server does not support non-ASCII characters.
Status: Logged in
Status: Starting download of /D-Russo/Desktop/stampa.bollettino.pagamento_rotated.pdf
Command: CWD /D-Russo/Desktop
Response: 250 OK. Current directory is /D-Russo/Desktop
Command: PWD
Response: 257 "/D-Russo/Desktop" is your current location
Command: TYPE I
Response: 200 TYPE is now 8-bit binary
Command: PASV
Response: 227 Entering Passive Mode (3x,xxx,xxx,91,255,249)
Command: RETR stampa.bollettino.pagamento_rotated.pdf
Error: The data connection could not be established: ECONNREFUSED - Connection refused by server
Error: Connection timed out after 20 seconds of inactivity
Error: File transfer failed
Instead with WinSCP I have this error:
Code: Select all
Failed to get the folder list
I won't open a connection to 192.168.1.8 (only to 3x.xxx.xxx.91)
-
dryuk94
- 504 Command not implemented
- Posts: 6
- Joined: 2020-01-10 15:42
- First name: Davide
- Last name: Russo
#8
Post
by dryuk94 » 2020-01-15 17:48
Problem solved!
I had to assign a number of ports equal to the number of users that can be connected (10). Also I created port forwarding in the router for each port and not an interval. The connection is in passive mode and I can also download the files.
-
botg
- Site Admin
- Posts: 35563
- Joined: 2004-02-23 20:49
- First name: Tim
- Last name: Kosse
#9
Post
by botg » 2020-01-16 08:40
As a rule of thumb you need at least as many ports as transfers that can possibly be done in 4 minutes.