Netgate Discussion Forum

    FTPES not working outbound

      4nd3r5

      I have a basic setup with only one WAN and just the default firewall rules.
      I can connect to ordinary anonymous FTP servers and download files just perfectly. But when I try to connect to an FTPES (FTP over explicit TLS/SSL) server I get a timeout.
      This is the output from FileZilla; I get the same result with SmartFTP.

      12:23:19 Status: Resolving IP-Address for xx.xx
      12:23:19 Status: Connecting to xx.yy.zz.ww:21…
      12:23:19 Status: Connection established, waiting for welcome message...
      12:23:19 Response: 220 Welcome to xx
      12:23:19 Command: AUTH TLS
      12:23:19 Response: 234 Proceed with negotiation.
      12:23:19 Status: Initializing TLS...
      12:23:19 Command: USER xxx
      12:23:40 Error: Connection timed out

      BTW SCP to the same server works just fine.
      And this works fine behind my old crappy Zyxel router.
      Hope anyone has any suggestions.

      /Anders

        4nd3r5

        Bumping issue…
        Does anyone have a suggestion?

          ken0069

          I don't have an answer but have nearly the same problem.

          I can use a Winders XP box set up for ICS running BlackICE Defender and connect to encrypted ftps no problem, but pfSense will NOT allow me to connect to two of the three I usually visit?  Here is the FileZilla log from one of those.

          Status: Connecting to ... …
          Status: Connected with ..., negotiating SSL connection...
          Response: 220 Serv-U FTP Server v6.2 for WinSock ready...
          Command: AUTH SSL
          Response: 234 AUTH command OK. Initializing SSL connection.
          Error: Timeout detected!
          Error: Unable to connect!

          Seems that pfSense is blocking the return command port or something like that, as secure ftps use two ports.  One for data and the other for commands.

          ftp helper is enabled on mine so that doesn't help?

          So is there any work around for this problem?
