[Gllug] Problem with VSFTP
Hakuna Matata
narender.hooda at gmail.com
Tue Dec 9 11:22:52 UTC 2008
Thanks a million Joel for the quick response....
You may need to use passive mode, as it suggests.====> i tried giving
the option "pasv_enable=yes" in vsftpd.conf file.
but no luck.....do i need to compile the vsftp. rite now i am using rpm.
--Narender
On Tue, Dec 9, 2008 at 4:40 PM, Joel Bernstein <joel at fysh.org> wrote:
> Hi Hakuna
>
> 2008/12/9 Hakuna Matata <narender.hooda at gmail.com>:
>> i am able to access the ftp on internal interface interface
>> successfully but while accessing it via public facing IP/interface i
>> am getting the below error.
>>
>> 230 Login successful.
>> ftp> ls
>> 500 Illegal PORT command.
>> 425 Use PORT or PASV first.
>
> Looks like it's not setting up the ftp-data connection, presumably a
> firewall issue.
> You may need to use passive mode, as it suggests.
>
>> i have a cisco pix firewall between public IP and outside world.
>
> Oh then it's probably got "fixup protocol ftp" somewhere in its
> config. PIXes have a very limited and broken application-level
> firewall/proxy for SMTP, FTP, H.323 etc. Chances are it's proxying and
> munging your FTP traffic. If you have access to the firewall, consider
> whether "no fixup protocol ftp" is more appropriate. A modern ftpd is
> likely to have better ftp security/access-control features than a PIX
> anyway.
>
> /joel
> --
> Gllug mailing list - Gllug at gllug.org.uk
> http://lists.gllug.org.uk/mailman/listinfo/gllug
>
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list