Solved

Permissions with my FTP...

Posted on 2004-04-03
10
282 Views
Last Modified: 2012-05-04
Hi, i'm back

i've set up an ftp server on my mandrake 10.
Now i've forwarded port 21 on my router.
If I type my internal IP , everything works fine...
If I type my external IP, it's not alright.

He gives the following error:
"An error accurred reading the contents of the folder. Make sure the file name is vlid and you have permission to access the location specified.
Details: A connection with the server could nog be established"

How can i get external on my ftp, (my port 21 is forwarded)
0
Comment
Question by:koenvdl
  • 3
  • 3
  • 2
10 Comments
 
LVL 44

Accepted Solution

by:
Karl Heinz Kremer earned 250 total points
ID: 10747554
Make sure that you use passive ftp on your client.

How are you testing your external IP address? If you do this from within your private network, it may not work (this depends on how your router handles this). You need to test this from a computer that is external to your private network.
0
 
LVL 40

Expert Comment

by:jlevie
ID: 10747707
For a passive FTP connection, which is the only thing that makes sense for clients accessing your FTP server from the Internet, you need port 21 accepting inbound connections and forwarded to your server and ephemeral ports (>1024) allowed and forwarded. Since forwarding all of the ephemeral ports will pretty much eliminate Internet access for other clients in the LAN you need to be using an FTP server that allows a limited range of ephermeral ports to be configured, for example ProFTP.

For a good explanation of what happens in an FTP session see http://slacksite.com/other/ftp.html
0
 

Author Comment

by:koenvdl
ID: 10747852
I've configured vsFTP on my mandrake workstation...

at my selfmade router pc,
when I typ: ftp://192.168.1.2 , i'll see my pub...
when I typ: ftp://80.12.123.23 , he sais that error.

My port is at my Win2000 SP4 self made router forwarded with the windows services...
0
 
LVL 44

Expert Comment

by:Karl Heinz Kremer
ID: 10747860
I just tried to connect to the IP address you specified, and entered ftp/ftp as user id /password and then got the error message that the password was not correct. Besides the slow speed, it looks like I'm able to connect to your ftp server.
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 40

Expert Comment

by:jlevie
ID: 10747994
Connecting is one thing and actually doing something is another. With only port 21/TCP allowed and forwarded to the FTP server you can login and do any operation that doesn't require a data transfer, like "ls", "dir", "get", "put", etc. For a data transfer to occur the PASSIVE client must be able to open a connection to the FTP server using an ephemeral port.
0
 

Author Comment

by:koenvdl
ID: 10758372
@khremer: That wasn't my IP...it was just an IP in my mind :)
@jlevie: yes , but i can't do a data transfer,when i can't connect external...
and internal the datatransfer work perfectly.
0
 
LVL 44

Expert Comment

by:Karl Heinz Kremer
ID: 10758422
Have you tried to connect from a machine that is not on your subnet?
0
 
LVL 40

Assisted Solution

by:jlevie
jlevie earned 250 total points
ID: 10759071
> @jlevie: yes , but i can't do a data transfer,when i can't connect external...

Right and that would be because your firewall isn't allowing external clients to connect on an ephemeral (>1024) port. Opening and forwarding all of the empheral ports (1024-65535) would make inbound FTP work, but it will break all other Internet access. If your FTP server can be configured to listen on a subset of the ephemeral ports, say 50000-65535, (ProFTP allows this) you can open & forward that range to the FTP server.
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now