Rapsberry webserver nginx - How to publicly acces FTP vsftpd

0

I have set up my Raspberry Pi to run Nginx for my webserver. My public IP shows the first website, the domain folder, I made on it, this happens on port 80.

Now I have set up vsftpd as my FTP server, however I can only connect with it on my local network with my local IP and ofcourse my username and password.

Is there something I have to do with the Pi's settings to fix this? (My SSH connection is also only possible from my local network.)

Arndroid

Posted 2014-09-08T16:21:28.320

Reputation: 3

Answers

0

No. You need to forward the port (probably 21) through your router. It is that simple.

Exact instructions for every router are not possible in the space available here but there is a website dedicated to answering that question.

krowe

Posted 2014-09-08T16:21:28.320

Reputation: 5 031

Could you develop on that? Why should port 23 (which is usually used for Telnet) be forwarded? – Doktoro Reichard – 2014-09-08T17:53:51.370

@DoktoroReichard You're right, my mistake. – krowe – 2014-09-08T17:59:22.160

Thanks, it seems like a easy solution. But it didn't work for me. I tried both port 20 and 21, as something in the vsftpd config mentioned port 20. I portforward both port 80 and port 20/21 on my raspberry pi's local IP, is that an issue? – Arndroid – 2014-09-08T18:14:15.900

If you've already done this for your HTTP traffic then you've removed a lot of the variables here. If you've already gotten port 80 to work publicly and you've gotten FTP to work locally then this is odd. We can say fairly confidently though that the issue is on your router though because the Pi seems to be working fine if you can access it locally. Does your router have a firewall on it? Have you tried disabling it? – krowe – 2014-09-08T18:28:42.060

You might want to look into the difference between active and passive FTP. Namely, that active FTP through port forwarding can be problematic unless you forward all ports in the active FTP port range. As a note, you should still be able to login to the FTP when just port 21 is forwarded, but will likely not be able to complete any useful commands. – ssnobody – 2014-09-08T19:40:56.860

0

You should have nothing to do in your raspberry pi except if you are running a firewall on it.

Basically, you must setup PAT at your router level to allow the public address space to reach your machine's desired ports from your router public IP address, then setup firewall rules on the same rig.

So if you want to remotely connect using ssh from the public address space you must do that for TCP port 22.

If you want your FTP service to be accessible the same way you will need to do the same for TCP port 21, plus :

  • If your FTP client uses active mode, allow your raspberry pi machine to reach your client's IP using source TCP port 20 (firewall rule).
  • If your FTP client uses passive mode, allow your raspberry pi to be reached on your TCP local port range (PAT + firewall rule, you can configure that port range in vsftpd with pasv_min_port and pasv_max_port).

Xavier Lucas

Posted 2014-09-08T16:21:28.320

Reputation: 211

Asked: 2014-09-08T16:21:28.320

Viewed: 564 times

Active: 2014-09-16T23:04:33.623