Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    GnuTLS error

    Scheduled Pinned Locked Moved Firewalling
    10 Posts 4 Posters 2.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • sahanS
      sahan
      last edited by

      i cant upload files using filezilla when i using pfsense firewall
      the error will be
      "Error: GnuTLS error -110: The TLS connection was non-properly terminated.

      Status: Server did not properly shut down TLS connection
      Error: The data connection could not be established: ECONNABORTED - Connection aborted
      Error: Connection timed out after 20 seconds of inactivity
      Error: File transfer failed

      pls help me!

      1 Reply Last reply Reply Quote 0
      • GertjanG
        Gertjan
        last edited by

        Hi,

        Connecting to pfSense using a SSH client like Putty works for you ?

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        1 Reply Last reply Reply Quote 1
        • sahanS
          sahan
          last edited by

          but how to fix that error

          the pfsense is running on my company,the staff members cannot use filezilla.
          the filezilla is use my web developer.
          he cant upload files using ftp

          GertjanG 1 Reply Last reply Reply Quote 0
          • GertjanG
            Gertjan @sahan
            last edited by Gertjan

            @sahan said in GnuTLS error:

            the filezilla is use my web developer.

            Connecting to a FTP (SFTP !) server somewhere on the Internet ?

            No "help me" PM's please. Use the forum, the community will thank you.
            Edit : and where are the logs ??

            1 Reply Last reply Reply Quote 0
            • kiokomanK
              kiokoman LAYER 8
              last edited by

              https://forum.netgate.com/topic/80717/ftp-client-proxy-package

              ̿' ̿'\̵͇̿̿\з=(◕_◕)=ε/̵͇̿̿/'̿'̿ ̿
              Please do not use chat/PM to ask for help
              we must focus on silencing this @guest character. we must make up lies and alter the copyrights !
              Don't forget to Upvote with the 👍 button for any post you find to be helpful.

              1 Reply Last reply Reply Quote 0
              • johnpozJ
                johnpoz LAYER 8 Global Moderator
                last edited by johnpoz

                The ftp client package in pfsense is not going to work using ftps.. The control channel is encrypted and pfsense can not see what ports to open up for the data channel.

                You can not use active connection to ftp server outside pfsense if the control channel can not be seen by pfsense so it can open the ports for the inbound data channel.. Use Passive!! So the client will create the data channel connection.

                Which will work if you are using the default any any lan rules, but if you have locked them down and only allow specific ports out - then yeah you could have problems even with passive.

                A better understanding of what "exactly" your trying to do would be helpful - where is the client, where is the server..

                An intelligent man is sometimes forced to be drunk to spend time with his fools
                If you get confused: Listen to the Music Play
                Please don't Chat/PM me for help, unless mod related
                SG-4860 24.11 | Lab VMs 2.8, 24.11

                1 Reply Last reply Reply Quote 0
                • GertjanG
                  Gertjan
                  last edited by

                  Yeah, right.

                  Does this concerns TLS (SSL) - or a classic FTP client server access ?
                  FTP over TLS/SSL is just a TCP stream, as visiting a HTTPS web site, but on port 22 (not 21) instead of 80.

                  Today, I'm still using a FTP client from my LAN to access a very ancient (last century) FTP server on the Internet. Didn't have to do anything on pfSense to make that work.

                  Note : I do not have FTP servers on my pfSense LAN that should be made available from the Internet.

                  It's time @sahan start to communicate.

                  No "help me" PM's please. Use the forum, the community will thank you.
                  Edit : and where are the logs ??

                  1 Reply Last reply Reply Quote 0
                  • johnpozJ
                    johnpoz LAYER 8 Global Moderator
                    last edited by johnpoz

                    @Gertjan said in GnuTLS error:

                    but on port 22 (not 21)

                    ftps would normally be on port 990, if implicit - if explicit the normal 21 port. 22 would be sftp.. Completely different animals.

                    Why anyone still uses ftp at all is just shameful to be honest.. All you ever do is run into this sort of nonsense issues. Why can they not just upload the files to this server via sftp or https?

                    The different channels, control and data just pita when it comes to nat.. Then throw in active vs passive into the mix and you have different directions of who is going to create the data channel. And then if you try and encrypt the control channel the firewall between can not even help you with the ports that will need to be opened, etc.

                    An intelligent man is sometimes forced to be drunk to spend time with his fools
                    If you get confused: Listen to the Music Play
                    Please don't Chat/PM me for help, unless mod related
                    SG-4860 24.11 | Lab VMs 2.8, 24.11

                    1 Reply Last reply Reply Quote 0
                    • kiokomanK
                      kiokoman LAYER 8
                      last edited by

                      ah sorry didn't noticed tls, my mind just focused on "filezilla"

                      ̿' ̿'\̵͇̿̿\з=(◕_◕)=ε/̵͇̿̿/'̿'̿ ̿
                      Please do not use chat/PM to ask for help
                      we must focus on silencing this @guest character. we must make up lies and alter the copyrights !
                      Don't forget to Upvote with the 👍 button for any post you find to be helpful.

                      1 Reply Last reply Reply Quote 0
                      • GertjanG
                        Gertjan
                        last edited by

                        Start focussing on answering our question.
                        Doing so will help us helping you.

                        Otherwise this thread becomes pretty useless.

                        No "help me" PM's please. Use the forum, the community will thank you.
                        Edit : and where are the logs ??

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.