From: Michael Sullivan <michael@espersunited.com>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] OT - vsftp 425 bad IP connecting
Date: Thu, 18 Aug 2005 12:26:27 -0500 [thread overview]
Message-ID: <1124385988.3575.44.camel@baby.espersunited.com> (raw)
In-Reply-To: <Pine.BSO.4.58.0508181249580.32737@ida.bway.net>
On Thu, 2005-08-18 at 12:56 -0400, A. Khattri wrote:
> On Thu, 18 Aug 2005, Michael Sullivan wrote:
>
> > One of my users is having a problem with FTP access to my server. He
> > says that he can connect and get a listing for his home directory, but
> > he can't do anything beyond seeing the listing. He's connecting from
> > outside the network. I can connect and interact with my personal
> > account through FTP just fine from inside the network, but everytime I
> > try to connect like he does (using ftp.espersunited.com) I get a 425
> > Security Bad IP error. I don't have access to a computer physically
> > outside the network to use to diagnose this problem, so working around
> > this Bad IP error is my only option. The IP address that
> > ftp.espersunited.com points to is the external address of my router, so
> > it might be complaining because the requesting IP is the same as the
> > requested IP. Any help on fixing this? Google and the vsftpd.conf man
> > page were no help...
>
> Pleae be aware of how FTP works: there are two connections per user - one
> is the control port and one is for data. With active FTP, the user's FTP
> client picks a local port number for the data port. With passive FTP, the
> server picks a data port number and tells the client what port number to
> use. Obviously, your router and/or firewall needs to be configured to
> allow both types of ports into your LAN and to forward the ports to the
> correct place. Passive FTP is better from a firewall point of view but
> your firewall still needs to know to open the port for incoming
> connections. If you firewall is not capable of doing that then this wont
> work and you may need to put you FTP server outside of your firewall in a
> DMZ.
The user can login with his username and password and get a listing of
his home directory just fine (as I said above) so I don't see how this
could be a firewall issue. Nevertheless, I checked the firewall and
port forwarding settings in my router. TCP port 21 is forwarded to port
21 of 192.168.1.2, which is my server box.
--
gentoo-user@gentoo.org mailing list
next prev parent reply other threads:[~2005-08-18 17:33 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-08-18 14:03 [gentoo-user] OT - vsftp 425 bad IP connecting Michael Sullivan
2005-08-18 16:56 ` A. Khattri
2005-08-18 17:26 ` Michael Sullivan [this message]
2005-08-18 17:19 ` Willie Wong
2005-08-18 17:34 ` [gentoo-user] OT - vsftp 425 bad IP connecting [SOLVED] Michael Sullivan
2005-08-18 22:26 ` [gentoo-user] OT - vsftp 425 bad IP connecting Bryan Whitehead
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1124385988.3575.44.camel@baby.espersunited.com \
--to=michael@espersunited.com \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox