Wade_Chestnut
asked on
Secure FTP on ReadyNAS Pro using FileZilla
The Netgear ReadyNAS Pro is set up to run FTP/S using ProFTP 1.3.3 Server and I'm using the latest FileZilla FTP client. On the LAN, I can connect securely using FTPES (FTP over explicit TSL/SSL) using Port 21.
I opened a port on the SonicWALL to direct incoming WAN Port 21 traffic to the ReadyNAS. On a laptop that's outside our SonicWALL, I can establish a secure FTPES connection but it can't list the files in the share. Here's a dump of the FileZilla log:
Status: Connecting to X.X.X.X:21...
Status: Connection established, waiting for welcome message...
Response: 220 ProFTPD 1.3.3 Server (NETGEAR ReadyNAS) [192.168.0.50]
Command: AUTH TLS
Response: 234 AUTH TLS successful
Status: Initializing TLS...
Status: Verifying certificate...
Command: USER xxxxx
Status: TLS/SSL connection established.
Response: 331 Password required for xxxxx
Command: PASS **********
Response: 230 User xxxxx logged in
Command: SYST
Response: 215 UNIX Type: L8
Command: FEAT
Response: 211-Features:
Response: MDTM
Response: MFMT
Response: TVFS
Response: UTF8
Response: AUTH TLS
Response: MFF modify;UNIX.group;UNIX.mod e;
Response: MLST modify*;perm*;size*;type*; unique*;UN IX.group*; UNIX.mode* ;UNIX.owne r*;
Response: LANG en-US*
Response: PBSZ
Response: PROT
Response: SITE MKDIR
Response: SITE RMDIR
Response: SITE UTIME
Response: SITE SYMLINK
Response: REST STREAM
Response: SIZE
Response: 211 End
Command: OPTS UTF8 ON
Response: 200 UTF8 set to on
Command: PBSZ 0
Response: 200 PBSZ 0 successful
Command: PROT P
Response: 200 Protection set to Private
Status: Connected
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is the current directory
Command: TYPE I
Response: 200 Type set to I
Command: PORT 192,168,9,100,192,110
Response: 500 Illegal PORT command
Command: PASV
Response: 227 Entering Passive Mode (192,168,0,50,152,88).
Status: Server sent passive reply with unroutable address. Using server address instead.
Command: MLSD
Error: GnuTLS error -53: Error in the push function.
Any ideas?
I opened a port on the SonicWALL to direct incoming WAN Port 21 traffic to the ReadyNAS. On a laptop that's outside our SonicWALL, I can establish a secure FTPES connection but it can't list the files in the share. Here's a dump of the FileZilla log:
Status: Connecting to X.X.X.X:21...
Status: Connection established, waiting for welcome message...
Response: 220 ProFTPD 1.3.3 Server (NETGEAR ReadyNAS) [192.168.0.50]
Command: AUTH TLS
Response: 234 AUTH TLS successful
Status: Initializing TLS...
Status: Verifying certificate...
Command: USER xxxxx
Status: TLS/SSL connection established.
Response: 331 Password required for xxxxx
Command: PASS **********
Response: 230 User xxxxx logged in
Command: SYST
Response: 215 UNIX Type: L8
Command: FEAT
Response: 211-Features:
Response: MDTM
Response: MFMT
Response: TVFS
Response: UTF8
Response: AUTH TLS
Response: MFF modify;UNIX.group;UNIX.mod
Response: MLST modify*;perm*;size*;type*;
Response: LANG en-US*
Response: PBSZ
Response: PROT
Response: SITE MKDIR
Response: SITE RMDIR
Response: SITE UTIME
Response: SITE SYMLINK
Response: REST STREAM
Response: SIZE
Response: 211 End
Command: OPTS UTF8 ON
Response: 200 UTF8 set to on
Command: PBSZ 0
Response: 200 PBSZ 0 successful
Command: PROT P
Response: 200 Protection set to Private
Status: Connected
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is the current directory
Command: TYPE I
Response: 200 Type set to I
Command: PORT 192,168,9,100,192,110
Response: 500 Illegal PORT command
Command: PASV
Response: 227 Entering Passive Mode (192,168,0,50,152,88).
Status: Server sent passive reply with unroutable address. Using server address instead.
Command: MLSD
Error: GnuTLS error -53: Error in the push function.
Any ideas?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for the suggestions, digitap. Unfortunately, we don't have the Enhanced OS so I can't use the suggested steps. We already have plans on replacing the SonicWALL with a FortiWiFi router in the next month or so.
I did read more on active vs. passive FTP and even tried to set a short (43085-43090), custom passive port range on the ReadyNAS and open those ports on the SonicWALL, but now it won't connect at all -- even when I tried to change the settings back. : \
I did read more on active vs. passive FTP and even tried to set a short (43085-43090), custom passive port range on the ReadyNAS and open those ports on the SonicWALL, but now it won't connect at all -- even when I tried to change the settings back. : \
ASKER
Nevermind! The darn ReadyNAS's FTP server wasn't running. It's working now! Thanks for your guidance!!
hehe...small details :) thanks for the points!
http://rdsrc.us/PUrvL6