|
Post by coroed on Mar 11, 2010 2:18:34 GMT 7
I can't be able using N2200 as FTP server. I have a dns domain with Dyndns.org; I opened the 21 port and created a virtual server on my router/modem; I created a user in the N2200; On the NAS there are both public and private shared directory; I'm trying connect by web with FileZilla. But I cant. Anyone can help me? Tanks
|
|
|
Post by tugman on Mar 14, 2010 13:04:48 GMT 7
I'm trying connect by web with FileZilla. But I cant. I've never done it myself, but I assumed from reading the user manual that you can download/upload from the web interface. Can you access it using a web browser? Good Luck.
|
|
hlan
New Member
Posts: 41
|
Post by hlan on Apr 23, 2010 16:35:54 GMT 7
For me, FTP port 21 works in the intranet only. Trying to make it work over Internet is unfortunately not possible because, I assume, the ISP firewalls filters port 21.
Changing the FTP port to an unreserved port is possible on the N2200, e.g. port "1026" - but it makes FTP work over the Internet only for the command channel:
The issue is that with passive FTP, the N2200 opens a random unprivileged port (P > 1023) and sends the PORT P command back to the client, that in turn tries connecting to that port. In the router log I see that this works as advertised and the client tries connecting back at those random port numbers.
Because this port is selected at random, and because for security one cannot open the firewall for all ports, servers allow specifying a limited port range for the FTP server to use in passive mode. Unfortunately, the N2200 does not allow this!
So conclusion, this N2200 feature to change the port number from 21 (Active FTP) to any other number (then Passive FTP) is a high security risk (and bad practice) unless Thecus also allows to specify a range for passive ports.
|
|
hlan
New Member
Posts: 41
|
Post by hlan on Apr 23, 2010 18:56:42 GMT 7
Here how it works with filezilla ftp server. Because below use cases are the typical use cases for a N2200, Thecus should support them (to make this FTP feature useful, otherwise consider a disclaimer/note on the product feature list in order not to mislead customers, or removing the Thecus FTP feature):
1) I'm behind a firewall and nobody can connect to my server or transfer files / directory listings
You have to configure your firewall to allow incoming connections on the ftp port (default: 21), as well as allowing outgoing connections from the server. In FTP Active Mode, FileZilla Server tries to use a port one less than the ftp port for outgoing connections. If that fails it tries to use a port one larger than the ftp port and after that it requests a port from windows. It may be best to allow all outgoing connections from the server. Further you have to allow a port range for incoming connections for passive mode transfers. You can specify this port range on the "passive mode settings" page in the settings dialog in the server interface. In most cases, a range like 5000-5100 is sufficient. With certain firewalls, it may be possible that FileZilla can't determine the external IP address. In this case you have to enter the IP address (or your host name) on the passive mode page in the settings dialog. In case you've a dynamic IP (most dial-up users), you can also choose to retrieve the ip address from a website.
2) I'm behind a router and nobody can connect to my server or transfer files / directory listings
You have to configure your router to forward the ftp port (default: 21) to the server machine. Further you have to forward a port range for passive mode transfers. You can specify this port range on the "passive mode settings" page in the settings dialog in the server interface. In most cases, a range like 5000-5100 is sufficient. Most likely, FileZilla can't determine the external IP address if behind a router. In this case you have to enter the IP address (or your host name) on the passive mode page in the settings dialog. In case you've a dynamic IP (most dial-up users), you can also choose to retrieve the ip address from a website.
3) I'm behind a router and a firewall and nobody can connect to my server or transfer files / directory listings
Just follow both steps 2 and 3 in this case.
|
|
misha
New Member
Posts: 35
|
Post by misha on Apr 25, 2010 20:15:54 GMT 7
|
|
|
Post by vinietje on Oct 10, 2010 22:10:51 GMT 7
you could (but shouldn't be however) edit the /etc/bftpd.conf file
(you would have to use the ROOTCMD module)
but i can't recommend this method if you are inexperienced with linux systems.
|
|
|
Post by coroed on Oct 13, 2010 16:35:28 GMT 7
I dont know why but I can use n2200's FTP server with filezilla making double connection. I connect 1st time and filezilla stops during MLSD command execution, then I made again the connection and all work. Try
|
|