sahan last edited by
i cant upload files using filezilla when i using pfsense firewall
the error will be
"Error: GnuTLS error -110: The TLS connection was non-properly terminated.
Status: Server did not properly shut down TLS connection
Error: The data connection could not be established: ECONNABORTED - Connection aborted
Error: Connection timed out after 20 seconds of inactivity
Error: File transfer failed
pls help me!
Connecting to pfSense using a SSH client like Putty works for you ?
sahan last edited by
but how to fix that error
the pfsense is running on my company,the staff members cannot use filezilla.
the filezilla is use my web developer.
he cant upload files using ftp
Gertjan last edited by Gertjan
The ftp client package in pfsense is not going to work using ftps.. The control channel is encrypted and pfsense can not see what ports to open up for the data channel.
You can not use active connection to ftp server outside pfsense if the control channel can not be seen by pfsense so it can open the ports for the inbound data channel.. Use Passive!! So the client will create the data channel connection.
Which will work if you are using the default any any lan rules, but if you have locked them down and only allow specific ports out - then yeah you could have problems even with passive.
A better understanding of what "exactly" your trying to do would be helpful - where is the client, where is the server..
Does this concerns TLS (SSL) - or a classic FTP client server access ?
FTP over TLS/SSL is just a TCP stream, as visiting a HTTPS web site, but on port 22 (not 21) instead of 80.
Today, I'm still using a FTP client from my LAN to access a very ancient (last century) FTP server on the Internet. Didn't have to do anything on pfSense to make that work.
Note : I do not have FTP servers on my pfSense LAN that should be made available from the Internet.
It's time @sahan start to communicate.
but on port 22 (not 21)
ftps would normally be on port 990, if implicit - if explicit the normal 21 port. 22 would be sftp.. Completely different animals.
Why anyone still uses ftp at all is just shameful to be honest.. All you ever do is run into this sort of nonsense issues. Why can they not just upload the files to this server via sftp or https?
The different channels, control and data just pita when it comes to nat.. Then throw in active vs passive into the mix and you have different directions of who is going to create the data channel. And then if you try and encrypt the control channel the firewall between can not even help you with the ports that will need to be opened, etc.
ah sorry didn't noticed tls, my mind just focused on "filezilla"
Start focussing on answering our question.
Doing so will help us helping you.
Otherwise this thread becomes pretty useless.