6

I have just set up a FTP server in IIS 8.5 on my Windows Server 2012 R2 machine.

With FileZilla when I try connect to the local IP (10.0.0.4) with my username and password on port 21, it will connect just fine, But when I try to connect on the external IP I get this error

Server sent passive reply with unroutable address. Using server address instead

Here is the full log

Status: Disconnected from server
Status: Connecting to 191.23x.xx.111:21...
Status: Connection established, waiting for welcome message...
Status: Insecure server, it does not support FTP over TLS.
Status: Connected
Status: Retrieving directory listing...
Status: Server sent passive reply with unroutable address. Using server address instead.
Command:    LIST
Response:   150 Opening BINARY mode data connection.
Error:  Connection timed out after 20 seconds of inactivity
Error:  Failed to retrieve directory listing
Status: Disconnected from server
Status: Connecting to 191.23x.xx.111:21...
Status: Connection established, waiting for welcome message...
Status: Insecure server, it does not support FTP over TLS.
Status: Connected
Status: Retrieving directory listing...
Status: Server sent passive reply with unroutable address. Using server address instead.
Command:    LIST
Response:   150 Opening BINARY mode data connection.
Error:  Connection timed out after 20 seconds of inactivity
Error:  Failed to retrieve directory listing

Where it hangs on

Server sent passive reply with unroutable address. Using server address instead.

for a bit of time before it fails

jLynx
  • 133
  • 1
  • 1
  • 8

2 Answers2

5

You need to set the external IP of your server to have passive mode work.

In IIS: (step 5 for passive mode, other are for active mode)

How to configure the global firewall settings for the FTP service

1.Open Internet Information Services (IIS) Manager:

•If you are using Windows Server 2012 or Windows Server 2012 R2:

•On the taskbar, click Server Manager, click Tools, and then click Internet Information Services (IIS) Manager.

2.In the Connections pane, click the server name.

3.In the Home pane, double-click the FTP Firewall Support feature.

4.In the Data Channel Port Range box, use one of the following options to enter a port range for passive data channel connections:

•Use [low port]-[high port] for a port range, where each port must be between 1025 and 65535. For example, 5000-6000.

•Use "0-0" to configure the FTP server to use the Windows TCP/IP ephemeral port range.

5.In the External IP Address of Firewall box, type the IPv4 address of the Internet-facing network adapter of your firewall.

6.In the Actions pane, click Apply.

If it's not there, you need to active FTP Extension.

Windows Server 2012 or Windows Server 2012 R2

1.On the taskbar, click Server Manager.

2.In Server Manager, click the Manage menu, and then click Add Roles and Features.

3.In the Add Roles and Features wizard, click Next. Select the installation type and click Next. Select the destination server and click Next.

4.On the Server Roles page, expand Web Server (IIS), and then select FTP Server.

Note: To support ASP.Membership authentication or IIS Manager authentication for the FTP service, you will need to select FTP Extensibility, in addition to FTP Service.

5.Click Next, and then on the Select features page, click Next again.

6.On the Confirm installation selections page, click Install.

7.On the Results page, click Close.

yagmoth555
  • 16,300
  • 4
  • 26
  • 48
0
  1. If you use vsftpd, set
    pasv_min_port=21000
    pasv_max_port=21999

in vsftpd.conf file.

  1. Open that port range in your network console panel of your VPS/Cloud provider.

This solve my same error.

inter18099
  • 1
  • 1