  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2007

Passive FTP Server

I'm trying to set up an FTP Server using Cerberus FTP Server Software.

The network has a Verizon DSL Modem (GT704-WG-B) and a WiFi router (WRT54G).

The FTP Server's IP is 192.168.0.251
The internal IP Address for the WiFi Router is 192.168.0.111
The WAN Address for the WiFi router is 192.168.1.47
The WAN Address for the DSL Modem is 71.251.61.7
The FTP ports are 20 and 21
The Passive FTP ports are 50000 - 50050

The ports are forwarded from the DSL router to the WiFi router like this:

FTP Ports:
[Screenshot: FTP Port Forwarding for the DSL Modem]
Passive FTP Ports:
[Screenshot: FTP Passive Port Forwarding for DSL Modem]

The ports are forwarded to the WiFi router and then forwarded to the FTP Server like this:

[Screenshot: Port Forwarding for the WiFi router]

The Interface settings for the FTP Server are set up like this:

[Screenshot: FTP Server Interface Settings]

The Passive settings for the FTP Server are set like this:

[Screenshot: FTP Server Passive Settings]

When I try to connect from the internet to the FTP Server, the client side gives me this error message (including the connection messages):

Status:	Connecting to 71.251.61.7:21...
Status:	Connection established, waiting for welcome message...
Response:	220-Cerberus FTP Server - Personal Edition
Response:	220-This is the UNLICENSED personal edition and may be used for home, personal use only
Response:	220 Welcome to FTP
Command:	USER UserName
Response:	331 User UserName, password please
Command:	PASS *****
Response:	230 Password Ok, User logged in - This is an UNLICENSED copy of Cerberus FTP Server Personal edition
Command:	SYST
Response:	215 UNIX Type: L8
Command:	FEAT
Response:	211- Additional features supported include:
Response:	 MDTM
Response:	 MFCT
Response:	 MFMT
Response:	 SIZE
Response:	 REST STREAM
Response:	 AUTH TLS
Response:	 AUTH SSL
Response:	 PBSZ
Response:	 EPRT
Response:	 EPSV
Response:	 XCRC
Response:	 XSHA1
Response:	 XSHA256
Response:	 XSHA512
Response:	 XMD5
Response:	 PROT
Response:	 LANG EN*
Response:	 SITE PSWD
Response:	 SITE ZONE
Response:	 SITE UTIME
Response:	 MLST Type*;Size*;Modify*;Create*;
Response:	 CLNT
Response:	 CSID
Response:	 RMDA
Response:	 UTF8
Response:	211 End
Command:	CLNT FileZilla
Response:	200 Command okay
Command:	OPTS UTF8 ON
Response:	220 UTF8 support on
Status:	Connected
Status:	Retrieving directory listing...
Command:	PWD
Response:	257 "/" is the current directory
Command:	TYPE I
Response:	200 Type Binary
Command:	PASV
Error:	Disconnected from server: ECONNABORTED - Connection aborted
Error:	Failed to retrieve directory listing

And this is what the server side looks like:

2011/10/27 13:53:39	 [172]	 Incoming connection request on FTP interface 17 at 192.168.0.251

2011/10/27 13:53:39	 [172]	 FTP connection request accepted from 96.241.211.120

2011/10/27 13:53:39	 [172]	 USER UserName

2011/10/27 13:53:39	 [172]	 331 User UserName, password please  

2011/10/27 13:53:39	 [172]	 PASS ***********

2011/10/27 13:53:39	 [172]	 Native user 'UserName' authenticated

2011/10/27 13:53:39	 [172]	 230 Password Ok, User logged in - This is an UNLICENSED copy of Cerberus FTP Server Personal edition  

2011/10/27 13:53:39	 [172]	 SYST 

2011/10/27 13:53:39	 [172]	 215 UNIX Type: L8  

2011/10/27 13:53:39	 [172]	 FEAT 

2011/10/27 13:53:39	 [172]	 211- Additional features supported include:   MDTM   MFCT   MFMT   SIZE   REST STREAM   AUTH TLS   AUTH SSL   PBSZ   EPRT   EPSV   XCRC   XSHA1   XSHA256   XSHA512   XMD5   PROT   LANG EN*   SITE PSWD   SITE ZONE   SITE UTIME   MLST Type*;Size*;Modify*;Create*;   CLNT   CSID   RMDA   UTF8  211 End  

2011/10/27 13:53:39	 [172]	 CLNT FileZilla

2011/10/27 13:53:39	 [172]	 200 Command okay  

2011/10/27 13:53:39	 [172]	 OPTS UTF8 ON

2011/10/27 13:53:39	 [172]	 220 UTF8 support on  

2011/10/27 13:53:39	 [172]	 PWD 

2011/10/27 13:53:39	 [172]	 257 "/" is the current directory  

2011/10/27 13:53:39	 [172]	 TYPE A

2011/10/27 13:53:39	 [172]	 200 Type ASCII  

2011/10/27 13:53:39	 [172]	 PASV 

2011/10/27 13:53:39	 [172]	 227 Entering Passive Mode (71,251,61,7,195,119)  

2011/10/27 13:53:39	 [172]	 Closing connection: An existing connection was forcibly closed by the remote host.  

2011/10/27 13:53:39	 [172]	 Connection terminated



I have disabled all firewalls (DSL Modem, WiFi router and FTP Server). There is no virus software installed on the server.

When I run PFPortChecker on the FTP Server for port 50000 I get:

Ping Result: We were not able to ping your router.
Port Check Result: Your port is OPEN on this computer!

Any idea why the Passive FTP is not working? If I run Active FTP it is working fine.
0
Asked by: Ola3
 
itguy565 Commented:
From what you are describing I would almost bet that you have ICMP disabled on your router.
0
 
AlexPace Commented:
It looks like the client either didn't receive or didn't log the server's PASV response.

Try using a different client and see if you get the same result.  Better yet, use a client that writes a timestamp to each line of the trace log so you can get an idea if this disconnect happens straight away or if it is due to a timeout.
0
 
Ola3 (Author) Commented:
Do you mean that the ICMP is disabled on the WiFi router? I don't think there are any settings to disable/enable this...

Here are new logs with timestamps on both ends:

Server Side:

2011/11/03 11:57:47	 [239]	 Incoming connection request on FTP interface 19 at 192.168.0.251
2011/11/03 11:57:47	 [239]	 FTP connection request accepted from 96.241.211.120
2011/11/03 11:57:47	 [239]	 USER ola
2011/11/03 11:57:47	 [239]	 331 User UserName, password please  
2011/11/03 11:57:47	 [239]	 PASS ***********
2011/11/03 11:57:47	 [239]	 Native user 'ola' authenticated
2011/11/03 11:57:47	 [239]	 230 Password Ok, User logged in - This is an UNLICENSED copy of Cerberus FTP Server Personal edition  
2011/11/03 11:57:47	 [239]	 SYST 
2011/11/03 11:57:47	 [239]	 215 UNIX Type: L8  
2011/11/03 11:57:48	 [239]	 FEAT 
2011/11/03 11:57:48	 [239]	 211- Additional features supported include:   MDTM   MFCT   MFMT   SIZE   REST STREAM   AUTH TLS   AUTH SSL   PBSZ   EPRT   EPSV   XCRC   XSHA1   XSHA256   XSHA512   XMD5   PROT   LANG EN*   SITE PSWD   SITE ZONE   SITE UTIME   MLST Type*;Size*;Modify*;Create*;   CLNT   CSID   RMDA   UTF8  211 End  
2011/11/03 11:57:48	 [239]	 CLNT FileZilla
2011/11/03 11:57:48	 [239]	 200 Command okay  
2011/11/03 11:57:48	 [239]	 OPTS UTF8 ON
2011/11/03 11:57:48	 [239]	 220 UTF8 support on  
2011/11/03 11:57:48	 [239]	 PWD 
2011/11/03 11:57:48	 [239]	 257 "/" is the current directory  
2011/11/03 11:57:48	 [239]	 TYPE A
2011/11/03 11:57:48	 [239]	 200 Type ASCII  
2011/11/03 11:57:48	 [239]	 PASV 
2011/11/03 11:57:48	 [239]	 227 Entering Passive Mode (71,251,61,7,195,98)  
2011/11/03 11:57:48	 [239]	 Closing connection: An existing connection was forcibly closed by the remote host.  
2011/11/03 11:57:48	 [239]	 Connection terminated



Client Side:

. 2011-11-03 11:57:48.695 Connecting to 71.251.61.7 ...
. 2011-11-03 11:57:48.727 Connected with 71.251.61.7. Waiting for welcome message...
< 2011-11-03 11:57:48.852 220-Cerberus FTP Server - Personal Edition
< 2011-11-03 11:57:48.852 220-This is the UNLICENSED personal edition and may be used for home, personal use only
< 2011-11-03 11:57:48.852 220 Welcome to Imperium's Filestorage
> 2011-11-03 11:57:48.852 USER UserName
< 2011-11-03 11:57:48.914 331 User UserName, password please
> 2011-11-03 11:57:48.914 PASS *****
< 2011-11-03 11:57:49.039 230 Password Ok, User logged in - This is an UNLICENSED copy of Cerberus FTP Server Personal edition
> 2011-11-03 11:57:49.039 SYST
< 2011-11-03 11:57:49.102 215 UNIX Type: L8
> 2011-11-03 11:57:49.102 FEAT
< 2011-11-03 11:57:49.195 211- Additional features supported include:
< 2011-11-03 11:57:49.195  MDTM
< 2011-11-03 11:57:49.195  MFCT
< 2011-11-03 11:57:49.195  MFMT
< 2011-11-03 11:57:49.195  SIZE
< 2011-11-03 11:57:49.195  REST STREAM
< 2011-11-03 11:57:49.195  AUTH TLS
< 2011-11-03 11:57:49.195  AUTH SSL
< 2011-11-03 11:57:49.195  PBSZ
< 2011-11-03 11:57:49.195  EPRT
< 2011-11-03 11:57:49.195  EPSV
< 2011-11-03 11:57:49.195  XCRC
< 2011-11-03 11:57:49.195  XSHA1
< 2011-11-03 11:57:49.195  XSHA256
< 2011-11-03 11:57:49.195  XSHA512
< 2011-11-03 11:57:49.195  XMD5
< 2011-11-03 11:57:49.195  PROT
< 2011-11-03 11:57:49.195  LANG EN*
< 2011-11-03 11:57:49.195  SITE PSWD
< 2011-11-03 11:57:49.195  SITE ZONE
< 2011-11-03 11:57:49.195  SITE UTIME
< 2011-11-03 11:57:49.195  MLST Type*;Size*;Modify*;Create*;
< 2011-11-03 11:57:49.195  CLNT
< 2011-11-03 11:57:49.195  CSID
< 2011-11-03 11:57:49.195  RMDA
< 2011-11-03 11:57:49.195  UTF8
< 2011-11-03 11:57:49.195 211 End
> 2011-11-03 11:57:49.195 CLNT FileZilla
< 2011-11-03 11:57:49.258 200 Command okay
> 2011-11-03 11:57:49.258 OPTS UTF8 ON
< 2011-11-03 11:57:49.336 220 UTF8 support on
. 2011-11-03 11:57:49.352 Connected
. 2011-11-03 11:57:49.352 --------------------------------------------------------------------------
. 2011-11-03 11:57:49.352 Using FTP protocol.
. 2011-11-03 11:57:49.352 Doing startup conversation with host.
> 2011-11-03 11:57:49.352 PWD
< 2011-11-03 11:57:49.414 257 "/" is the current directory
. 2011-11-03 11:57:49.414 Getting current directory name.
. 2011-11-03 11:57:49.430 Retrieving directory listing...
> 2011-11-03 11:57:49.430 TYPE A
< 2011-11-03 11:57:49.461 200 Type ASCII
> 2011-11-03 11:57:49.461 PASV
. 2011-11-03 11:57:51.023 Disconnected from server
. 2011-11-03 11:57:51.023 Could not retrieve directory listing
* 2011-11-03 11:57:51.039 (ESshFatal) Lost connection.
* 2011-11-03 11:57:51.039 Disconnected from server
* 2011-11-03 11:57:51.039 Could not retrieve directory listing
* 2011-11-03 11:57:51.055 Type ASCII
* 2011-11-03 11:57:51.055 Error listing directory '/'.
. 2011-11-03 11:57:52.852 Timeout detected.



0

 
AlexPace Commented:
The server agreed to do a passive mode transfer on port 50018 but then immediately (within the same second) reports that the connection was terminated by the remote host.

The client meanwhile requires slightly longer than 1.5 seconds to report the disconnection.  There could be some slack here since the server doesn't do milliseconds but it sure looks like the server knows that the client disconnected before the client knows that the client disconnected.  

Based on that weak "evidence" I would suspect the DSL Modem, WiFi router or even your ISP blocking FTP...  except if Active Mode data channels work that slants against ISP-level blocking as the potential cause.  The strange thing is that Passive Mode is much more "firewall friendly" because it is the client opening a second outbound connection to the server... and in active mode the server makes the outbound connection to the client.

I would discount the client log's timeout report at +3 seconds as an invalid logging artifact because a 3 second FTP timeout would be just silly and it happens after the disconnection rather than before it.
0
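
The port in the comment above comes from the last two numbers of the 227 reply (195 * 256 + 98 = 50018). As an added example that is not part of the original thread, this Python script decodes 227 replies from a server log and checks them against the WAN address and the forwarded passive range 50000-50050 given in the question; the function names and the last two sample log lines are constructed for illustration.

```python
import ipaddress
import re

# RFC 959 227 reply: (h1,h2,h3,h4,p1,p2), data port = p1 * 256 + p2
PASV_RE = re.compile(r"\b227 [^(]*\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)")

def decode_pasv(line):
    """Return (IPv4Address, port) from a 227 reply, or None if the line has none."""
    m = PASV_RE.search(line)
    if not m:
        return None
    octets = [int(g) for g in m.groups()]
    if any(o > 255 for o in octets):
        raise ValueError(f"octet out of range in {line!r}")
    host = ipaddress.IPv4Address(".".join(str(o) for o in octets[:4]))
    return host, octets[4] * 256 + octets[5]

def audit_pasv(lines, wan_ip, port_range):
    """Flag 227 replies a client on the internet could not connect back to."""
    lo, hi = port_range
    findings = []
    for line in lines:
        decoded = decode_pasv(line)
        if decoded is None:
            continue
        host, port = decoded
        issues = []
        if host.is_private:
            issues.append("private address advertised to an internet client")
        elif host != ipaddress.IPv4Address(wan_ip):
            issues.append(f"advertised {host}, expected WAN address {wan_ip}")
        if not lo <= port <= hi:
            issues.append(f"port {port} outside forwarded range {lo}-{hi}")
        findings.append((str(host), port, issues))
    return findings

# First two lines are the 227 replies from the thread's server logs;
# the last two are constructed to show the failure cases.
SAMPLE_LOG = [
    "2011/10/27 13:53:39 [172] 227 Entering Passive Mode (71,251,61,7,195,119)",
    "2011/11/03 11:57:48 [239] 227 Entering Passive Mode (71,251,61,7,195,98)",
    "2011/11/03 12:00:00 [240] 227 Entering Passive Mode (192,168,0,251,195,90)",
    "2011/11/03 12:00:01 [241] 227 Entering Passive Mode (71,251,61,7,4,1)",
]

if __name__ == "__main__":
    for host, port, issues in audit_pasv(SAMPLE_LOG, "71.251.61.7", (50000, 50050)):
        print(f"{host}:{port}", "; ".join(issues) or "ok")
```

Both 227 replies logged in the thread pass both checks, so the address and port the server advertised match the configuration described in the question.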
 
Ola3 (Author) Commented:
I finally decided to remove my LinkSys router and use the Verizon Router and WiFi only. Now it is working. I'll use my LinkSys router as a slave somewhere else in my network. Thanks for trying to help me.
0
 
Ola3 (Author) Commented:
Didn't really answer my question, but solved the problem.
0
