Solved

Filezilla Client/Server setup behind router(s)

Posted on 2014-03-23
12
1,570 Views
Last Modified: 2014-03-29
I've installed Filezilla Client on a Windows 2008 server behind a Fortigate firewall which protects our domain.

I've installed Filezilla Server on a Windows 7 home computer.  This home computer is behind a public Static IP Address: 208.xx.xx.xxx on an AT&T modem that is set in "Bridged" mode to allow traffic to pass through to my own Linksys/Cisco router.  This home router handles DHCP for my home network.  Each computer on my home network has its own listening port as I need to access different home computers while away from my home on business.  The IP addressing scheme is:  192.168.x.xxx:3390.  3390 is the listening port of the computer on which Filezilla Server is installed.  My own home router has Port Forwarding enabled and set up correctly.

From the domain, Filezilla Client has already been used to connect to 3rd Party software vendors with whom I must transfer/received files occasionally.  Because of this, I feel the client software is already configured correctly.  In Filezilla Client, I'm using the Static IP address (208.xx.xx.xxx) in the "Host Name" field.  Username and Password fields are populated with the Windows 7 Home PC Username and Password.  I'm not sure what to put into the "Port" field, although I've tried the default 14147, 21, 3390 (listening Port of home PC), but nothing works.

I do receive "Connected to Server, waiting for Welcome Message", but no connection is ever established.

Please advise.
0
Comment
Question by:baleman2
  • 5
  • 5
  • 2
12 Comments
 
LVL 17

Expert Comment

by:lruiz52
Comment Utility
You can do two things;
You have to open port 3390 outbound on your fortigate firewall.

Or

change listening port on your FileZilla server to standard FTP port 21.
0
 
LVL 17

Expert Comment

by:lruiz52
Comment Utility
You can do one of two things;
You have to open port 3390 outbound on your fortigate firewall.

Or

change listening port on your FileZilla server to standard FTP port 21.
0
 
LVL 34

Expert Comment

by:Dan Craciun
Comment Utility
3390 is usually the port for RDP, and I think your router is setup to allow connections on this port to allow RDP connections.
You can't use the same port for the FTP server and RDP, if they both run at the same time. I would suggest sticking with the default 21 for FTP and adding the NAT rule for it in the router.

HTH,
Dan
0
 

Author Comment

by:baleman2
Comment Utility
Let me update some of my initial setting(s) info on the Filezilla Server.  When I click on the Filezilla Server icon to open it up, a popup is displayed that shows the default server IP address to be:  127.0.0.1.  The default port is:  14147.  

So, do either of these settings need to be changed before proceeding with your suggestions?

To lruiz52:
          Is it the default port just mentioned above that must be changed to 21?  Because, if I accept the defaults and allow Filezilla Server to open, I can then drill thru the Top Menu to: Edit->Settings and the default port that's listed there is 21.

To Dan Craciun:
          My home router has allowed me to "port forward" to 3390, 3391, 3392, and 3393 to specific home IP addresses (192.168.x.xxx:3390 thru 3393) in order to RDP from the outside world into my home network.  I'm not sure I understand if you're asking me to make a change in my home router or not?  More details, please.
0
 
LVL 34

Expert Comment

by:Dan Craciun
Comment Utility
If the port Filezilla server listens to is 14147, then you must add a rule in your router to forward an external port (can be 14147 for simplicity, but not necessarily) to the internal IP of the server, on port 14147.

BTW, by default 14147 is NOT the port Filezila server listens to, it's the port for the administrative console. In other words, on that port you can only configure Filezilla, not see the files.

See FAQ no 3 here: https://wiki.filezilla-project.org/FAQ
0
 

Author Comment

by:baleman2
Comment Utility
Attached is a screenshot of my router's "Port Forwarding" settings.  I've made entries (without enabling) that I think would cover all the possibilities.  Which one of these entries would allow connectivity, in your opinion?

Also, on the Filezilla Client, should I be using the Static Public IP address as the HOST field entry.  Would Username and Password be required on the Filezilla Client, i.e., Username and Password of the Filezilla Server or the Windows 7 PC itself?
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 34

Expert Comment

by:Dan Craciun
Comment Utility
Attached?
0
 

Author Comment

by:baleman2
Comment Utility
Sorry, that screenshot should be available now.
Screen-Shot-03-23-14-at-03.51-PM.PNG
0
 
LVL 34

Expert Comment

by:Dan Craciun
Comment Utility
Check the box where it says "Enabled". Right now, you added a rule for ftp on your router but it's not active.
0
 

Author Comment

by:baleman2
Comment Utility
Purposely unchecked in the screenshot.  I'd already tried to connect when it was checked and couldn't make a connection.

Can both the FTP and RDP ports be forwarded to the same internal address?  Take a look at RDP1 in the screenshot - 3380 is already forwarded to 192.168.1.25.
0
 

Author Comment

by:baleman2
Comment Utility
3389, typo on my part.
0
 
LVL 34

Accepted Solution

by:
Dan Craciun earned 500 total points
Comment Utility
Nope. Only one application can listen on a port.

Did you make an exception for Filezilla Server in Windows firewall?

You can check if you can connect to the server from inside your local network.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Suggested Solutions

When you are trying to access the server, have you ever encountered "The terminal server has exceeded the maximum number of allowed connection" error?  or "The user is attempting to log on to a Terminal Server in Remote Administration mode, but the …
With the withdrawal of support for Windows Server 2003 this summer, many clients face the issue of moving away from their 2003 installs. There are a few options out there that many people/companies are selling. But the clients I have, haven't wanted…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now