(SOLVED) FileZilla Server FTPS not Working - Passive Mode fails

RedViking

Nord of the South
Joined
Feb 23, 2012
Messages
75,774
Reaction score
60,628
Location
Midlands (KZN)
I am trying to create a server using FileZilla Server and use FTPS over Public Network/IP.

FileZilla (not FileZilla Server) error:

Status: Connection established, waiting for welcome message...​
Status: Initializing TLS...​
Status: Verifying certificate...​
Status: TLS connection established.​
Status: Logged in​
Status: Retrieving directory listing...​
Status: Server sent passive reply with unroutable address. Passive mode failed.
Command: PORT 192,168,1,5,255,237
Response: 200 Port command successful
Command: MLSD
Response: 150 Opening data channel for directory listing of "/"
Response: 425 Can't open data connection for transfer of "/"
Error: Failed to retrieve directory listing

FileZilla Server side:


> 230 Logged on​
> PBSZ 0​
> 200 PBSZ=0​
> PROT P​
> 200 Protection level set to P​
> PWD​
> 257 "/" is current directory.​
> TYPE I​
> 200 Type set to I​
> PASV​
> 227 Entering Passive Mode (192,168,1,8,248,94)​
> PORT 192,168,1,5,192,55​
> 200 Port command successful​
> MLSD​
> 150 Opening data channel for directory listing of "/"​
> 425 Can't open data connection for transfer of "/"​


Local network/IP it works fine:

Status: Connection established, waiting for welcome message...​
Status: Initializing TLS...​
Status: Verifying certificate...​
Status: TLS connection established.​
Status: Logged in​
Status: Retrieving directory listing...​
Status: Directory listing of "/" successful​
 
Firewall rule to allow the internet access to the service? Have you tried active mode as well? When I get that listing problem I try toggle between active/passive first.
 
Firewall rule to allow the internet access to the service? Have you tried active mode as well? When I get that listing problem I try toggle between active/passive first.
I tried Active, unfortunately it is still not working.

What firewall rule though? I've added FileZilla to the firewall and also Port 21.
I've got a Tenda router and added under NAT:
1551715775765.png

I assume it is Virtual Servers as there is no Port Forwarding option....
 
I tried Active, unfortunately it is still not working.

What firewall rule though? I've added FileZilla to the firewall and also Port 21.
I've got a Tenda router and added under NAT:
View attachment 627348

I assume it is Virtual Servers as there is no Port Forwarding option....

"The default Explicit FTPS port is 21. The default Implicit port is 990 ( after handshake it will switch automatically to 989 for data transmission, if not configured differently).May 22, 2009"

Perhaps those other two ports?
 
"The default Explicit FTPS port is 21. The default Implicit port is 990 ( after handshake it will switch automatically to 989 for data transmission, if not configured differently).May 22, 2009"

Perhaps those other two ports?
Still nothing.

If I connect without FTPS , and I then connect with FTPS , it seems to work. If I open Filezilla and forst thing connect with FTPS it doesn't work.
 
Last edited:
In filezilla specify your custom passive port ranges and enable forwarding rules for that range. There are more elegant ways to do this but most consumer routers lack the functionality to dynamically open the ports for the passive requests.
 
In filezilla specify your custom passive port ranges and enable forwarding rules for that range. There are more elegant ways to do this but most consumer routers lack the functionality to dynamically open the ports for the passive requests.
I will try that thanks.
 
In filezilla specify your custom passive port ranges and enable forwarding rules for that range. There are more elegant ways to do this but most consumer routers lack the functionality to dynamically open the ports for the passive requests.
Still no luck. :cautious:
 
Try using a non-default port number to rule out your router or another device blocking or manipulating your traffic over the default port..
I have tried that. Non default doesn't work with or without FTPS. Used Port 2100


> disconnected.
> Connected on port 2100, sending welcome message...
> 220-FileZilla Server 0.9.60 beta
> 220-written by Tim Kosse ([email protected])
> 220 Please visit https://filezilla-project.org/
> AUTH TLS
> 234 Using authentication type TLS
> TLS connection established
> USER xxxxxx
> 331 Password required for xxxxxxx
> PASS *************
> 230 Logged on
> PBSZ 0
> 200 PBSZ=0
> PROT P
> 200 Protection level set to P
> PWD
> 257 "/" is current directory.
> TYPE I
> 200 Type set to I
> PASV
> 421 Could not create socket.
> PORT 192,168,1,5,216,135
> 200 Port command successful
> MLSD
> 150 Opening data channel for directory listing of "/"
> 425 Can't open data connection for transfer of "/"
 
You need to specify your public ip in passive mode settings, the current ip of 192.168.1.5 is private netblock and unroutable on the net.

It tells the connecting client where to bind the socket to.

Can send you example config in the morning if you would like
 
Last edited:
You need to specify your public ip in passive mode settings, the current ip of 192.168.1.5 is private netblock and unroutable on the net.

It tells the connecting client where to bind the socket to.

Can send you example config in the morning if you would like
Please send me an example. Thanks!
 
I got so annoyed with the complexity of setting up a FTP server and these kinda hassles that I switched to SCP.
 
I got so annoyed with the complexity of setting up a FTP server and these kinda hassles that I switched to SCP.
Can you please send me a link so I can look into it. Googling SCP gives me some weird stuff.

It looks like with FTP the biggest issue is having a Router. But I didn't realise it is such a pain to set up. I know my lack of knowledge greatly contributes to the issues, but after doing so many google searches none of the solutions work. Maybe I just missing something....
 
Incoming Screenshots:

Server Side:
1551762405409.png

1551762572831.png

I have also tried with Port 21.


The computer connecting will have to use Windows Network Location most likely.
1551762761183.png
 
Can you please send me a link so I can look into it. Googling SCP gives me some weird stuff.

It looks like with FTP the biggest issue is having a Router. But I didn't realise it is such a pain to set up. I know my lack of knowledge greatly contributes to the issues, but after doing so many google searches none of the solutions work. Maybe I just missing something....
SCP is secure file copy. Its copying files over ssh (more secure).

Basically the syntax looks like:

# scp local_files/* [email protected]:/remote_location/

There is a windows client (with the ftp style/commander gui interface) called winscp. I think the people who make putty have one.
 
SCP is secure file copy. Its copying files over ssh (more secure).

Basically the syntax looks like:

# scp local_files/* [email protected]:/remote_location/

There is a windows client (with the ftp style/commander gui interface) called winscp. I think the people who make putty have one.

Thanks. I'll give it a shot.
 
Top
Sign up to the MyBroadband newsletter