Accessing a FTP Server

I am facing a baffling problem. For the past month I have used an FTP server, running Ubuntu Server 14.04 and it has worked flawlessly. During that time I was using an old Apple router from the early 2000's, so an upgrade was needed. I upgraded to the new, fast Linksys WRT1900ac. It has the speed that I desire, but I have run into a hiccup. I cannot access the FTP server remotely anymore. When I have my computer connected to the network and I use the local IP address of the server, it works flawlessly. Unfortunately when I try to connect to the server remotely from the router's WAN IP, I get connection time out errors.

The server has a static IP address and has not had the ability to connect to the internet. All the router IPs and gateway IPs are set properly and the computer is still unable to connect. That could be an issue. Another question is, could it be the router causing the issue? I can access the router remotely by ping and Linksys's Smart WIFI, but telnet fails. Could it also be the router unable to forward the ports? I have opened port 21 for FTP and have tried opening port 20 as well.

Any help would be appreciated. Thank you in advance.

Jjack

Posted 2014-07-31T15:36:36.857

Reputation: 121

I was able to similarly setup my Netgear WNDR4000 router by going to the Port Forwarding/Port Triggering options, I added a custom FTP service. I imagine that your Linksys router has similar configuration options. – P Fitz – 2014-07-31T15:50:27.613

I have the ports forwarded like any other router. I tried the port triggering as you said, and again got no connection. – Jjack – 2014-07-31T18:12:12.747

Answers

Most people need their home gateways to do NAT (specifically NAPT), and NAT breaks FTP.

"Passive mode" FTP, which is now the default on most FTP clients, is a workaround to keep client-side NATs from breaking FTP. However, if the FTP server is behind a NAT, the server-side NAT breaks passive mode FTP whereas traditional FTP (now called "active mode" FTP) would work fine.

NAT gateways can contain special code known as an Application Layer Gateway (ALG) for FTP, which is basically code that knows how FTP works and makes sure the NAT doesn't break it. A really good ALG for FTP can solve both the "client behind NAT making active mode connection" and "server behind NAT receiving passive mode connection" problems, but sadly, many just solve the "client behind NAT" case.

Apple has always been good about putting a decent FTP ALG in their AirPort base station product family (including Extremes, Expresses, and Time Capsules). Their ALG covers both the client and server cases. You still have to set up a port mapping to map port 21 to a particular private IP address and port, because otherwise the base station wouldn't know which machine is your FTP server.

Short of upgrading your home gateway to one with a decent FTP ALG, you might be able to make your connection to your server if you force your FTP client to use traditional "active" FTP mode, but if your client is also behind a NAT, that client-side NAT might break it unless the client-side NAT has a decent FTP ALG.

Spiff

Posted 2014-07-31T15:36:36.857

Reputation: 84 656