D-Link Forums
The Graveyard - Products No Longer Supported => D-Link Storage => DNS-323 => Topic started by: j.lai on December 10, 2011, 12:41:48 AM
-
I can connect to my ftp server using my internal IP address, but when I use my external IP address, it prompts me to login and the page tries to load until it times out. My ISP blocked port 21, so I changed my ftp port to 1025 and port forwarded the port to my dns-323 from my router. When I check to see if the port on my external IP is open using www.yougetsignal.com, it says it is open.
Is there a setting on my ftp that I have to enable?
This is the log I get from filezilla
Response: 220---------- Welcome to Pure-FTPd [TLS] ----------
Response: 220-You are user number 1 of 10 allowed.
Response: 220-Local time is now 01:03. Server port: 65505.
Response: 220-This server supports FXP transfers
Response: 220 You will be disconnected after 2 minutes of inactivity.
Command: USER jlai
Response: 331 User jlai OK. Password required
Command: PASS ********
Response: 230 OK. Current restricted directory is /
Command: SYST
Response: 215 UNIX Type: L8
Command: FEAT
Response: 211-Extensions supported:
Response: EPRT
Response: IDLE
Response: MDTM
Response: SIZE
Response: REST STREAM
Response: MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
Response: MLSD
Response: ESTP
Response: PASV
Response: EPSV
Response: SPSV
Response: ESTA
Response: AUTH TLS
Response: PBSZ
Response: PROT
Response: UTF8
Response: 211 End.
Command: OPTS UTF8 ON
Response: 200 OK, UTF-8 enabled
Status: Connected
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is your current location
Command: TYPE I
Response: 200 TYPE is now 8-bit binary
Command: PASV
Response: 227 Entering Passive Mode (192,168,1,65,217,25)
Status: Server sent passive reply with unroutable address. Using server address instead.
Command: MLSD
Error: Connection timed out
Error: Failed to retrieve directory listing
-
The first thing that needs to be done is to determine accurately where the problem lies - you start by saying "cannot connect to ftp" - and then post a log that shows you're connected.
The details make the difference - now let's look at the rest of your log...
Response: 227 Entering Passive Mode (192,168,1,65,217,25)
Status: Server sent passive reply with unroutable address. Using server address instead.
That second line I have quoted tells you exactly where your problem lies.
You're attempting to use passive ftp (the first line tells us that), and you're not properly configured for passive ftp (the second line tells us that).
You have two choices - tell filezilla not to use passive ftp - or configure the DNS-323 AND your router to use passive ftp - please note that "AND", both devices need to be configured.
Passive ftp requires a range of ports to be defined on the ftp server and forwarded on the router/firewall, it also requires the ftp server to send the router's public address, which needs to be configured on the ftp server.
Go into the ftp setup page on the DNS-323 and you'll find the places to set these items.
-
How do I disable Passive mode? I have the checkbox "report to passive mode" unchecked.
-
Make sure to test using a FTP client without capability to encrypt. Using encryption makes your Router blind it cannot read the FTP protocol and does not know which ports to open.
Configuring encrypted FTP can of course be done but it usally soo much easier to get non-enctypted FTP to work.
-
How do I disable Passive mode? I have the checkbox "report to passive mode" unchecked.
Like I said - the details make the difference ...
You have two choices - tell filezilla not to use passive ftp - or configure the DNS-323 AND your router to use passive ftp - please note that "AND", both devices need to be configured.
I was very specific when I said you tell filezilla not to use passive ftp, and you're now looking at the DNS-323 and asking how to disable passive mode. If your ftp client doesn't request passive mode, the DNS-323 won't switch to passive mode.
-
I just noticed your first post says you switched the port to 1025, if you don't use passive ftp you will need a router at the client end that is capable of performinf what is known as "ftp fixup" - you're probably better off using passive ftp.
-
Hi,
Check the following information http://forums.dlink.com/index.php?topic=40415.0
Hope this information helps you.
-
So I've opened up my ports for the passive ftp and I am now getting a connection timeout and fail to retrieve directory listing
here is the log:
Status: Resolving address of jlai.dyndns.org
Status: Connecting to 50.99.137.181:65505...
Status: Connection established, waiting for welcome message...
Response: 220---------- Welcome to Pure-FTPd [TLS] ----------
Response: 220-You are user number 1 of 10 allowed.
Response: 220-Local time is now 16:47. Server port: 65505.
Response: 220-This server supports FXP transfers
Response: 220 You will be disconnected after 2 minutes of inactivity.
Command: USER jlai
Response: 331 User jlai OK. Password required
Command: PASS ********
Response: 230 OK. Current restricted directory is /
Status: Connected
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is your current location
Command: TYPE I
Response: 200 TYPE is now 8-bit binary
Command: PASV
Response: 227 Entering Passive Mode (50,99,137,181,217,77)
Command: MLSD
Error: Connection timed out
Error: Failed to retrieve directory listing
-
I suspect you have a misconfiguration somewhere - that log shows the initial connection being made on port 65505, not 1025.
-
Yeah, I've changed my ftp port to 65505 and port forwarded 65505 instead of 1025
-
1 - What range do you have the passive ports configured for?
2 - Have you configure the router to foward that port range to the NAS?
-
The default, 55536-55663, and I have port forwarded those ports to my NAS from my router
-
PM me a user name & password - create it just for the test and delete it afterwards - give it read write access to a separate folder and place a text file or similar in the folder.
-
user: test
pass: testFTP
www.jlai.dyndns.org:65505
there is a test.txt file inside the folder
-
For some reason that I cannot figure out, your DNS-323 thinks my ftp client is another server and trys to setup an "fxp" transfer
-
hmm..
Here is what my FTP Server setup looks like:
Max. User: 10
Idle Time: 2
Port: 65505
Passive Mode: Ranges 65501-65504 (I've changed it from default just for testing, I've forwarded these ports on my router to the dns-323)
Report external IP in Passive Mode checked
External IP: 50.99.137.191
Client Language: Unicode
Flow Control: Unlimited
SSL/TLS: Unchecked
-
That's pretty much what I have - try setting the "non standard" port to something lower - 1021 - or similar and see what happens.
-
I'ved changed my FTP port to 1111 and passive from 2000-2222 and i still cannot access my FTP
-
Leave the passive range at the default and set the ftp port to something below 1024
-
It says I can't set the ftp port anything lower than 1025
-
So I've opened up my ports for the passive ftp and I am now getting a connection timeout and fail to retrieve directory listing
here is the log:
Status: Resolving address of jlai.dyndns.org
Status: Connecting to 50.99.137.181:65505...
Status: Connection established, waiting for welcome message...
Response: 220---------- Welcome to Pure-FTPd [TLS] ----------
Response: 220-You are user number 1 of 10 allowed.
Response: 220-Local time is now 16:47. Server port: 65505.
Response: 220-This server supports FXP transfers
Response: 220 You will be disconnected after 2 minutes of inactivity.
Command: USER jlai
Response: 331 User jlai OK. Password required
Command: PASS ********
Response: 230 OK. Current restricted directory is /
Status: Connected
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is your current location
Command: TYPE I
Response: 200 TYPE is now 8-bit binary
Command: PASV
Response: 227 Entering Passive Mode (50,99,137,181,217,77)
Command: MLSD
Error: Connection timed out
Error: Failed to retrieve directory listing
I had the same problem but I was able to resolve it... but my FTP cannot use the secure connection and DLink doesn't know how to fix this problem. again, crappy support from dlink
-
how did you resolve it?