Submitted by nickolasnikolic on Fri, 11/09/2018 - 14:28
I really like to work remotely. My FTP works wonders when within the machine, but how externally?
Status:
Active
I really like to work remotely. My FTP works wonders when within the machine, but how externally?
Comments
Submitted by andreychek on Fri, 11/09/2018 - 14:33 Comment #1
Howdy -- FTP should always be accessible, regardless of what system you're coming from.
If it isn't working, what error do you see?
Submitted by nickolasnikolic on Fri, 11/09/2018 - 20:42 Comment #2
Status: Resolving address of farmersfields.farm
Status: Connecting to 75.86.240.16:21...
Status: Connection established, waiting for welcome message...
Status: Initializing TLS...
Status: Verifying certificate...
Status: TLS connection established.
Status: Logged in
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is the current directory
Command: TYPE I
Response: 200 Type set to I
Command: PORT 70,92,170,123,238,133
Response: 200 PORT command successful
Command: MLSD
Error: Connection timed out after 20 seconds of inactivity
Error: Failed to retrieve directory listing
Status: Disconnected from server
Status: Resolving address of farmersfields.farm
Status: Connecting to 75.86.240.16:21...
Status: Connection established, waiting for welcome message...
Status: Initializing TLS...
Status: Verifying certificate...
Status: TLS connection established.
Status: Logged in
Status: Retrieving directory listing...
Submitted by andreychek on Sat, 11/10/2018 - 00:17 Comment #3
Ah, you might be seeing this issue here:
https://www.virtualmin.com/documentation/web/faq#toc-ftp-service-isnt-wo...
That often indicates that there's some sort of router or firewall in front of the server that's causing some issues.
Try the kernel module mentioned in the link above, and see if that helps resolve the problem you're having with accessing your server via FTP.
Submitted by nickolasnikolic on Sat, 11/10/2018 - 01:26 Comment #4
nn@farmersfields:~$ sudo modprobe ip_conntrack_ftp [sudo] password for nn: Sorry, try again. [sudo] password for nn: nn@farmersfields:~$ sudo apt install ip_conntrack_ftp Reading package lists... Done Building dependency tree
Reading state information... Done E: Unable to locate package ip_conntrack_ftp nn@farmersfields:~$ sudo apt-get install ip_conntrack_ftp Reading package lists... Done Building dependency tree
Reading state information... Done E: Unable to locate package ip_conntrack_ftp nn@farmersfields:~$
hmmm how do I install it?
Submitted by andreychek on Sat, 11/10/2018 - 09:07 Comment #5
I unfortunately don't have an Ubuntu 18.04 system handy, but is it perhaps called "nf_conntrack_ftp" on your system? Try loading the module using that name and see if that helps.
Submitted by nickolasnikolic on Sat, 11/10/2018 - 09:34 Comment #6
Well that file seems to be it. Here is what I've got:
nn@farmersfields:~$ sudo cat /proc/net/ip_tables_matches conntrack conntrack conntrack udplite udp tcp icmp
running commands from this page: https://serverfault.com/questions/887309/iptables-nf-conntrack-ftp-not-w...
Anything else I can do?
Submitted by andreychek on Sat, 11/10/2018 - 10:17 Comment #7
Great, glad to hear you were able to load that module!
Any change in how the client works? Or are you saying you receive the same error?
Submitted by nickolasnikolic on Sat, 11/10/2018 - 10:18 Comment #8
same error :-(
Submitted by nickolasnikolic on Sun, 11/11/2018 - 06:54 Comment #9
bump
Submitted by andreychek on Sun, 11/11/2018 - 09:04 Comment #10
Sorry, we have a small team of just 4 people here at Virtualmin... we're happy to help, but responses can take a bit longer on the weekends than they do during business hours on the weekday.
Is there a firewall running on your server? You may want to try disabling that to see if that helps. That will help identify if the problem is related to your server, or whether there's some other router or firewall in front of your server that's causing the issue.
Note that another option would be to use SFTP, which generally doesn't run into these same issues, as the entire protocol runs over port 22, unlike FTP which uses several ports.
Submitted by JamieCameron on Sun, 11/11/2018 - 13:12 Comment #11
Yeah, regular FTP uses a second TCP connection to perform downloads and directory listing, so if your firewall isn't setup to allow that (ie. by allowing related connections on Linux), you can run into these kinds of issues.
Submitted by nickolasnikolic on Sun, 11/11/2018 - 18:09 Comment #12
Status: Waiting to retry... Status: Connecting to farmersfields.farm... Response: fzSftp started, protocol_version=8 Command: open "farmersfields@farmersfields.farm" 22 Error: Connection refused Error: Could not connect to server
Submitted by andreychek on Sun, 11/11/2018 - 22:02 Comment #13
If you hadn't already, you may want to stop any firewall that's running on your server there. A firewall could possibly be interfering with things.
If the firewall is already stopped -- is this server behind a NAT router? If so, it's possible that the ports need to be forwarded from the router to the server.