Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Vsftpd not working behind pfsense

    NAT
    1
    1
    3154
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      fluca1978 last edited by

      Hi all,
      I've read the posts about FTP behind pfsense, but still I cannot get it working. My setup is this:

      • pfsense with an optional interface 192.168.245.7
      • WAN with ftp helper enabled (checkbox disabled)
      • vsftpd server running on 192.168.245.77
      • port forwarding on port 21 TCP

      Either enabling PASV mode or disabling the FTP helper on the WAN interface lead me to the same behavior:

      
Wed Jun 23 11:37:21 2010 [pid 6917] [workart] FTP response: Client "192.168.245.7", "230 Login successful."
Wed Jun 23 11:37:21 2010 [pid 6917] [workart] FTP command: Client "192.168.245.7", "SYST"
Wed Jun 23 11:37:21 2010 [pid 6917] [workart] FTP response: Client "192.168.245.7", "215 UNIX Type: L8"
Wed Jun 23 11:37:22 2010 [pid 6917] [workart] FTP command: Client "192.168.245.7", "PORT 192,168,245,7,235,218"
Wed Jun 23 11:37:22 2010 [pid 6917] [workart] FTP response: Client "192.168.245.7", "200 PORT command successful. Consider using PASV."
Wed Jun 23 11:37:22 2010 [pid 6917] [workart] FTP command: Client "192.168.245.7", "LIST"
Wed Jun 23 11:37:42 2010 [pid 6914] [workart] FTP response: Client "192.168.245.7", "425 Failed to establish connection."
Wed Jun 23 11:38:22 2010 [pid 6917] [workart] FTP response: Client "192.168.245.7", "425 Failed to establish connection."

      the LIST command freeze each time. I've tried to set the server in PASV mode defining the following in the vsftpd.conf file:

      
pasv_enable=YES
# wan address
pasv_address=XX.XX.XX.XX
pasv_max_port=51000
pasv_min_port=50000
port_enable=YES

      but the behavior is the same. If I try to connect to the ftp server on the same network I got a correct session:

      
Wed Jun 23 11:41:06 2010 [pid 6936] [workart] FTP response: Client "192.168.245.77", "230 Login successful."
Wed Jun 23 11:41:06 2010 [pid 6936] [workart] FTP command: Client "192.168.245.77", "SYST"
Wed Jun 23 11:41:06 2010 [pid 6936] [workart] FTP response: Client "192.168.245.77", "215 UNIX Type: L8"
Wed Jun 23 11:41:07 2010 [pid 6936] [workart] FTP command: Client "192.168.245.77", "PORT 192,168,245,77,166,116"
Wed Jun 23 11:41:07 2010 [pid 6936] [workart] FTP response: Client "192.168.245.77", "200 PORT command successful. Consider using PASV."
Wed Jun 23 11:41:07 2010 [pid 6936] [workart] FTP command: Client "192.168.245.77", "LIST"
Wed Jun 23 11:41:07 2010 [pid 6936] [workart] FTP response: Client "192.168.245.77", "150 Here comes the directory listing."
Wed Jun 23 11:41:07 2010 [pid 6936] [workart] FTP response: Client "192.168.245.77", "226 Directory send OK."

      So there is something not working with my pfsense setup, but I'm not sure what it is….any help?

      1 Reply Last reply Reply Quote 0
      • First post
        Last post