-->

Di Belajar IT Online

10 Software Terbaik untuk Recovery Data Harddisk

Home  ›  SUPPORT

FTP with TLS/SSL using linux ubuntu with ProFTP behind NAT router

By 17:21 Add Comment
FTP with TLS/SSL using linux ubuntu with ProFTP behind NAT router - If you are Linux users and never setting ProFTP, then we ever get the following error on the client side when they are using application with FileZilla.
Filezilla error log:
1
2
3
Status:    Server sent passive reply with unroutable address. Using server address instead.
Command:    MLSD
Error:    GnuTLS error -53: Error in the push function.

This occurs if the FTP server is behind a NAT. username and password be sent to either, but by the time we get into that directory then we will get an error as above.


The error occurs when using FTP passive mode, the FTP server requires extra port for forwarding. passive mode means that the client start with two connection to the server (Connection command and data connection). Port 21 is used for command and authentication and other ports are used to transfer the actual data.


In the active module, the server opens a connection to port the client, but be connected from the outside, and a firewall that covers it. so this is why active mode is not used. Now back to the MLSD, the server does not know who is behind a router, and it may tell a client to connect to a port on the private IP.



To overcome this, we need to tell ProFTP that it is behind a router, so it can send the client a public IP address. ProFTP also need to have a variety of known ports are defined, the port must be forwarded from the router.



In the following example I will use:


192.168.1.100 - private IP for the box that's running ProFTP
111.35.34.35 - public IP (external router IP)
52500 - 52510 - range of forwarded ports 

1. Edit /etc/proftpd/proftpd.conf and modify the lines like that :
PassivePorts                  52500 52510
MasqueradeAddress               111.35.34.35

Restart ProFTPd after that.

/etc/init.d/proftpd restart

2. Forward 52500-52510 range (TCP) to 192.168.1.100 on your router.

Remember to replace the port range, private IP and public IP with your own data. Check the log for ProFTP in case of problems : /var/log/proftpd/tls.log.

Berlangganan update artikel terbaru via email:

0 Response to "FTP with TLS/SSL using linux ubuntu with ProFTP behind NAT router "

Post a Comment

Jangan lupa komentar ya

Subscribe to: Post Comments (Atom)

Iklan Atas Artikel

Iklan Tengah Artikel 1

Iklan Tengah Artikel 2

Iklan Bawah Artikel