Koozali.org: home of the SME Server

sftp fails at directory listing

Offline jameswilson

  • ****
  • 739
  • +0/-0
    • Security Warehouse, trade security equipment
sftp fails at directory listing
« on: September 30, 2022, 01:31:52 PM »
I normally only use ftp on the LAN but i want to temp open ftp for public

enabled in server manager but it times out

filezilla shows

Code: [Select]
Status: Connecting to x.x.x.x:21...
Status: Connection established, waiting for welcome message...
Status: Initializing TLS...
Status: TLS connection established.
Status: Logged in
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is the current directory
Command: TYPE I
Response: 200 Type set to I
Command: PORT 192,168,0,117,202,14
Response: 200 PORT command successful
Command: MLSD
Error: Connection timed out after 20 seconds of inactivity
Error: Failed to retrieve directory listing

This works fine on the LAN address but not the WAN

What have I missed please?

James

Offline TerryF

  • grumpy old man
  • *
  • 1,821
  • +6/-0
Re: sftp fails at directory listing
« Reply #1 on: September 30, 2022, 02:40:41 PM »
Firstly Server/Gateway or Server only, it matters for client setup and whether any ports need forwarding.

FTP is only available over TLS by default, Explicit FTP over TLS you need to config the ftp client to use TLS, server setup is the easy part

config show ftp, TLS can be disabled but I would not recommend..

There are a couple of discussions on the forum re basic setup etc.. at least one in english and thsi one which explains a lot in french
https://forums.koozali.org/index.php/topic,54614.15.html

https://forums.koozali.org/index.php?action=pm;f=sent;sort=date;desc;start=15#msg683


« Last Edit: September 30, 2022, 02:52:00 PM by TerryF »
--
qui scribit bis legit

Offline jameswilson

  • ****
  • 739
  • +0/-0
    • Security Warehouse, trade security equipment
Re: sftp fails at directory listing
« Reply #2 on: September 30, 2022, 03:13:43 PM »
Hi Terry

Server Gateway
I did disable TLS (temp to test then renabled) with the same result.
It connects but fails at the directory listing.

However when on the VPN (LAN) it works on the local Ip address, just not on the WAN IP

Thanks

Offline Jean-Philippe Pialasse

  • *
  • 2,743
  • +11/-0
  • aka Unnilennium
    • http://smeserver.pialasse.com
Re: sftp fails at directory listing
« Reply #3 on: September 30, 2022, 09:19:06 PM »
server gateway directly to the internet or behind another router or firewall ?


1- active mode or passive mode?
2- tls or not tls: you answered no tls (which is not recommended.


ftp over the internet needs more than only port 21 to be open.  and the port to open on the client side or SME side depends on the two questions 1 and 2.