Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[kokocola]

Hey Guys,

I've been having a lotta trouble with this nas drive and trying to connect to it remotely from the internet, and i think i'm doing everything correctly. I've been searching around and i've been trying to mimic some other settings that other people have to no avail .

Here are my settings:

In my router page (I think it's a nat router):

I'm using port 1025 because my ISP won't unblock my port 21 deeming it a security risk.
TCP 192.168.1.70 Any-->1025
UDP 192.168.1.70 Any-->1025

In my dlink homepage page:

in the ftp page, i've selected the "Use the default port range (55536-55663)" and checked the box for "Report external IP in Passive mode" and put my router ip in there.
All other settings are normal. I've also checked the box for "Allow SSL/TLS connection only".

I got a hostname from the dlinkddns.org and put in my router ip so now when i go to the hostname i go to my router page. I also set in my router settings "DDNS" to point to the hostname.

I used to also put the same information from the DDNS page of my router into the DDNS page of my dlink page but that didn't work.

I'm using filezilla with active mode selected and from inside my network there are no issues but when i connect outside i get issues:

This is what i get from gene6.

* About to connect() to hostname.dlinkddns.com port 1025
* Trying (router ip)... connected
* Connected to hostname.dlinkddns.com (router ip) port 1025
< 220---------- Welcome to Pure-FTPd [TLS] ----------
< 220-You are user number 1 of 10 allowed.
< 220-Local time is now 10:50. Server port: 1025.
< 220-This server supports FXP transfers
< 220 You will be disconnected after 10 minutes of inactivity.

> AUTH SSL
< 500 This security scheme is not implemented

> AUTH TLS
< 234 AUTH TLS OK.
* successfully set certificate verify locations:
* CAfile: d:\www-bin\curl\curl-ca-bundle.crt
CApath: none
* SSLv3, TLS handshake, Client hello (1):
SSLv3, TLS handshake, Server hello (2):
SSLv3, TLS handshake, CERT (11):
SSLv3, TLS handshake, Server finished (14):
SSLv3, TLS handshake, Client key exchange (16):
SSLv3, TLS change cipher, Client hello (1):
SSLv3, TLS handshake, Finished (20):
SSLv3, TLS change cipher, Client hello (1):
SSLv3, TLS handshake, Finished (20):
SSL connection using AES256-SHA
* Server certificate:
* subject: /C=US/ST=California/L=Fountain Valley/CN=192.168.1.70
* start date: 2010-12-27 07:35:13 GMT
* expire date: 2013-10-16 07:35:13 GMT
* common name: 192.168.1.70 (does not match 'hostname.dlinkddns.com')
* issuer: /C=US/ST=California/L=Fountain Valley/CN=192.168.1.70
* SSL certificate verify result: error number 1 (18), continuing anyway.

> USER matt
< 331 User matt OK. Password required

> PASS *****
< 230 OK. Current restricted directory is /

> PBSZ 0
< 200 PBSZ=0

> PROT P
< 534 Fallback to [C]

> PWD
< 257 "/" is your current location
* Entry path is '/'

> CLNT Testing from http://www.g6ftpserver.com/ftptest from IP (router ip)
< 500 Unknown command
* QUOT command failed with 500
* Connection #0 to host hostname.dlinkddns.com left intact

* Closing connection #0
* SSLv3, TLS alert, Client hello (1):

I haven't done anything on my pc regarding any of this. My firewall has an exclusion for filezilla and that's about it.

Thank you for reading and in advance for helping !

[fordem]

Start as simple as possible, and once you have gotten the basics functional then you can add more.

1 - Don't use active mode if you're not using port 21 - there are potential "client-side firewall" problems.
2- Have you tried without the SSL/TLS enabled?

> CLNT Testing from http://www.g6ftpserver.com/ftptest from IP (router ip)
< 500 Unknown command

The above excerpt suggests that the DNS-323's ftp server does not support the CLNT command

[D-Link Multimedia]

in the ftp page, i've selected the "Use the default port range (55536-55663)" and checked the box for "Report external IP in Passive mode" and put my router ip in there.
All other settings are normal. I've also checked the box for "Allow SSL/TLS connection only".

Lets start here. The IP address that goes in that field should be your WAN address not your router address. The same address your dlinkddns.com account points to.

[kokocola]

Hey guys,

Thanks for responding to my post, I really appreciate it.

I have just tried ftp without encryption  and it still doesn't work . It gives me the same issue with the CLNT command when i use gene6.

It's also weird, I can't seem to access the ftp site using firefox or ie (within my network or outside my network), and since it's not working within the network too, I don't think it's related to the issue i'm having.

When i mean router ip, i mean my wan ip, or the ip that dlinkddns.com defaults to when you create a hostname e.g. matt.dlinkddns.com.

[fordem]

I have just tried ftp without encryption  and it still doesn't work . It gives me the same issue with the CLNT command when i use gene6.

If the CLNT command is NOT supported, and I doubt that it is, then you'll get the error with or without encryption - in short - as long as you use that particular method of testing, expect it to fail.

[CrustyOMO]

Hi,

I'm not a network genious, but I am going to guess at what might be happening and let you find a way to test it.  I hope I don't steer you in the wrong direction here.

I guess when you are on your own local network, your ftp client is failing on port 1025 and retrying on port 21 (and working).  While trying over the internet, the port 21 isn't working.  That's a real shame your ISP won't unblock 21, it makes it so much simpler and compatible with the windows explorer (which is what I use to ftp since it's available everywhere). 

Try using Netstat -a to view the active ports when you have your ftp connection established on your local network.

Good luck, I hope my guess might help you.

[Chiarot]

Alright so heres some things that caught my eye
1: * About to connect() to hostname.dlinkddns.com port 1025
2:  common name: 192.168.1.70 (does not match 'hostname.dlinkddns.com')

now unless you changed it, this info is wrong, a 192.168.x.x address will always be INTERNAL, not EXTERNAL, my advice to you is to place your info into the 323 like so;


Another thing to try is the 'ping' command.... to do this open command prompt (google if you don't know how to do that...)


and last but not least (for testing purposes) toss your DNS-323 into a DMZ on your router and see if this works

for mine to work I had to do the following
1: assign it static IP
2: forward FTP port's
3: enter correct information (believe it or not the ftp address is ______.dlinkddns.com and not ftp._______.dlinkddns.com like most weird... oh well)
4: now for mine (in the beginning) when I went to the url I would get the login to my modem, to fix this I set the modem up for a bridged connection


and voila it works!

[McPillager]

Hello,

First of all, 1025 is a very bad port choice.

Follow the steps below and you will have your FTP server up and running nice and smoothly:

1. Configure your FTP server settings:

Max. User: 02
Idle time: 5
Port: 65505 (anything but 1025)
Passive mode: Use the default port range
Report external IP in passive mode: UNCHECK
Client language: unicode
Flow: unlimited
SSL/TLS: UNCHECK

2. Configure your FTP server access list  (I assume you've done that already)

3. Configure the NAS DDNS: NAS -> Tools -> DDNS:

DDNS: Enabled
Server address: www.dlinkddns.com
Host name: your hostname, for example: myftpserver.dlinkddns.com
Set username/Password etc

4. DO NOT SET UP DDNS IN YOUR ROUTER. IT IS NOT NEEDED AND WILL PREVENT EVERYTHING FROM WORKING SMOOTHLY.

5. Configure Port Forwaring in your router:

You need to open the TCP port 65505 and forward it to the local IP of your NAS. The actual steps vary from router to router. In general, your configuration must be something like this:

Protocol: TCP
Port range: 65505
Translate to: 65505
Trigger protocol: -
Trigger port: -
Device: 192.168.1.70

Test your configuration either by using windows ftp command or FileZilla. If everything works, turn on SSL or any other extra feature.

Hope that helps.

[kokocola]

Thank YOU!! for all everyone's help! I've been really busy lately so I haven't any of these suggestions. But I'm going to try them right now . Thanks for helping!! I was going spare trying to figure it out.

[kokocola]

Hi,

Thank you for the help again. I've tried the last reply but i couldn't get through. I'm not sure if this is gene6's fault or mine (I"m going to try it tomorrow with my own filezilla program on a different network).

But here's a couple questions that i'm curious about:

Why port 65505 and not 1025, why is port 1025 bad?
Bridging a modem to my nas drive (tried it but I can't seem to find the settings in the router, I tried calling dlink support but they can't seem to fix my router issue as my router is using custom isp firmware (isp logos, etc...))

Here's my stack trace from gene 6

* About to connect() to hostname.dlinkddns.com port 65505
* Trying router ip... connected
* Connected to hostname.dlinkddns.com (router ip) port 65505
< 220---------- Welcome to Pure-FTPd [TLS] ----------
< 220-You are user number 1 of 2 allowed.
< 220-Local time is now 02:45. Server port: 65505.
< 220-This server supports FXP transfers
< 220 You will be disconnected after 5 minutes of inactivity.

> USER david
< 331 User david OK. Password required

> PASS *****
< 230 OK. Current restricted directory is /

Thanks again!
> PWD
< 257 "/" is your current location
* Entry path is '/'

> CLNT Testing from http://www.g6ftpserver.com/ftptest from IP router ip
< 500 Unknown command
* QUOT command failed with 500
* Connection #0 to host hostname.dlinkddns.com left intact

* Closing connection #0

[zanass]

I found this advice on here after looking for a long time and it worked perfect:::::

Thank You Geraner


FTP over TLS works perfektly for my behind the DIR-655.
Now I'm running a DIR-825 but the configurations are the same as I had on the DIR-655.

My FTP-settings in the DNS-323 with Firmware 1.08 are the following:
-------
Max. User: 10
Idle Time: 10 (minutes)
Port: 21212 (to avoid FTP-hacking attacks)
Passive Mode: Use the following port range: 30000 - 30020
Client Language: Northern European
Flow Control: Unlimited
SSL/TLS:  (marked) Allow SSL/TLS connection only
-------

Now to the settings in the DIR-825.
-------
Advanced -> Port Forwarding:
1. Enabled
Name: FTP-Server
IP-Addres: IP of DNS-323
TCP: 21212
Schedule: Always

2. Enabled
Name: Passive-FTP
IP-Addres: IP of DNS-323
TCP: 30000-30020
Schedule: Always
-------

That's everything. FTP over SSL is working perfectly for me.
Running FileZilla as FTP program. Settings there are:
Port: 21212
Servertype: FTPES - FTP over explicit TLS/SSL.

/Geraner