• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3123
  • Last Modified:

Secure FTP on ReadyNAS Pro using FileZilla

The Netgear ReadyNAS Pro is set up to run FTP/S using ProFTP 1.3.3 Server and I'm using the latest FileZilla FTP client.  On the LAN, I can connect securely using FTPES (FTP over explicit TSL/SSL) using Port 21.

I opened a port on the SonicWALL to direct incoming WAN Port 21 traffic to the ReadyNAS.  On a laptop that's outside our SonicWALL, I can establish a secure FTPES connection but it can't list the files in the share.  Here's a dump of the FileZilla log:

Status:      Connecting to X.X.X.X:21...
Status:      Connection established, waiting for welcome message...
Response:      220 ProFTPD 1.3.3 Server (NETGEAR ReadyNAS) []
Command:      AUTH TLS
Response:      234 AUTH TLS successful
Status:      Initializing TLS...
Status:      Verifying certificate...
Command:      USER xxxxx
Status:      TLS/SSL connection established.
Response:      331 Password required for xxxxx
Command:      PASS **********
Response:      230 User xxxxx logged in
Command:      SYST
Response:      215 UNIX Type: L8
Command:      FEAT
Response:      211-Features:
Response:       MDTM
Response:       MFMT
Response:       TVFS
Response:       UTF8
Response:       AUTH TLS
Response:       MFF modify;UNIX.group;UNIX.mode;
Response:       MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;
Response:       LANG en-US*
Response:       PBSZ
Response:       PROT
Response:       SITE MKDIR
Response:       SITE RMDIR
Response:       SITE UTIME
Response:       SITE SYMLINK
Response:       REST STREAM
Response:       SIZE
Response:      211 End
Command:      OPTS UTF8 ON
Response:      200 UTF8 set to on
Command:      PBSZ 0
Response:      200 PBSZ 0 successful
Command:      PROT P
Response:      200 Protection set to Private
Status:      Connected
Status:      Retrieving directory listing...
Command:      PWD
Response:      257 "/" is the current directory
Command:      TYPE I
Response:      200 Type set to I
Command:      PORT 192,168,9,100,192,110
Response:      500 Illegal PORT command
Command:      PASV
Response:      227 Entering Passive Mode (192,168,0,50,152,88).
Status:      Server sent passive reply with unroutable address. Using server address instead.
Command:      MLSD
Error:      GnuTLS error -53: Error in the push function.

Any ideas?
  • 3
  • 2
1 Solution
i can see the log is wanting to move to passive mode which access a non-standard port.  review the links below.  the first is simply setting up the sonicwall for ftp access.  i think you've already done that.  the second discusses passive ftp and how it relates to the sonicwall.


also, review the link below as it has some good discussion on passive ftp relating to the sonicwall.

Wade_ChestnutAuthor Commented:
Thanks for the suggestions, digitap.  Unfortunately, we don't have the Enhanced OS so I can't use the suggested steps.  We already have plans on replacing the SonicWALL with a FortiWiFi router in the next month or so.

I did read more on active vs. passive FTP and even tried to set a short (43085-43090), custom passive port range on the ReadyNAS and open those ports on the SonicWALL, but now it won't connect at all -- even when I tried to change the settings back. : \
Wade_ChestnutAuthor Commented:
Nevermind!  The darn ReadyNAS's FTP server wasn't running.  It's working now!  Thanks for your guidance!!
hehe...small details :)  thanks for the points!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now