0

I Have a problem with FTP setup on a windows server 2016. I have tried anything that there is on the forums and they all say the same thing.

I have created the site and can access it internally and externally with hostname and IP address (IP has not been included for security reasons), doing all the hostname and IP bindings. Could not connect using FileZilla.

Tried creating a FTP site and all the bindings and connecting to it, did not happen!

Procedure I followed

1 - add website ... IP address (All Unassigned, because I am hosting it on one server only)

2 - bind the host name www.my-domain.com

3 - allow all inbound rules on firewall (port 80, 21, 990 ,...)

MESSAGE I GET IN FILEZILLA:

Status: Connecting to 00.00.000.000:21... (IP excluded for Security reasons)
Status: Connection established, waiting for welcome message...
Response:   220 Microsoft FTP Service
Command:    USER myusername
Response:   530 Valid hostname is expected.
Error:  Could not connect to server
Daniel PurPur
  • 119
  • 1
  • 5
  • Remove the hostname from the bindings – Drifter104 Jun 09 '17 at 12:14
  • Hi I have and now I get: Status: Connection established, waiting for welcome message... Status: Logged in Status: Retrieving directory listing... Status: Server sent passive reply with unroutable address. Using server address instead. Command: LIST Response: 150 Opening BINARY mode data connection. Error: Connection timed out after 20 seconds of inactivity Error: Failed to retrieve directory listing – Daniel PurPur Jun 09 '17 at 12:33
  • 2
    This question/Answer should answer that for you https://serverfault.com/questions/718662/server-sent-passive-reply-with-unroutable-address-using-server-address-instead – Drifter104 Jun 09 '17 at 13:49
  • Thanks @Drifter104. it was great help. it was Passive ports – Daniel PurPur Jun 22 '17 at 09:30

1 Answers1

1

I solved it myself

After reading few more articles and forums, I discovered that Passive mode was not working correctly hence the errors.

This was due to Amazon AWS EC2 Security groups, server Firewall and FTP server setup.

1- AWS Security group was set to accept Passive FTP TCP connections from port range 40,000-51,000 only.

2- Server Firewall had to be configured to accept FTP SERVER connections from above port range as well.

3 - FileZilla (Or any other FTP server) had to be configured to accept Passive connections from above port range only.

It took me a while to figure it out. If server security is high on your list, as it should be, this was the issue and the fix.

Hope this saves you some time. Good luck everyone!

Daniel PurPur
  • 119
  • 1
  • 5