*New 11.3 series Release:
2019-10-05: XigmaNAS 11.3.0.4.6928 - released, 11.2 series are soon unsupported!

*New 12.0 series Release:
2019-10-05: XigmaNAS 12.0.0.4.6928 - released!

*New 11.2 series Release:
2019-09-23: XigmaNAS 11.2.0.4.6881 - released!

We really need "Your" help on XigmaNAS https://translations.launchpad.net/xigmanas translations. Please help today!

Producing and hosting XigmaNAS costs money. Please consider donating for our project so that we can continue to offer you the best.
We need your support! eg: PAYPAL

FTPS and TLS problem

File transfer protocol.
Forum rules
Set-Up GuideFAQsForum Rules
Post Reply
Hedin81
NewUser
NewUser
Posts: 2
Joined: 17 Sep 2016 15:41
Status: Offline

FTPS and TLS problem

#1

Post by Hedin81 » 08 Jan 2017 03:58

Hi all
Im trying to set up a FTPS server according to this guid: http://wiki.nas4free.org/doku.php?id=do ... figuration
The server config:
Image
Image

To this I have port forvarde 21, 26300-26400 in my pfSense.

And using Filzilla as client.

The servere works on the lan. Both using 'Only using plain FTP' and 'Require explicit FTP ocer TLS' works

When adding 'Masquerade address' and connecting from wan the TLS conection won't work!
FilZilla

Code: Select all

03:06:08	Status:	Resolving address of xxx
03:06:08	Status:	Connecting to xxx
03:06:08	Status:	Connection established, waiting for welcome message...
03:06:08	Response:	220 ProFTPD 1.3.5b Server (nas4free FTP Server) [xx]
03:06:08	Command:	AUTH TLS
03:06:08	Response:	502 AUTH TLS successful
03:06:08	Command:	AUTH SSL
03:06:08	Error:	Could not connect to server
03:06:08	Status:	Waiting to retry...
03:06:13	Status:	Resolving address of xxx
03:06:13	Status:	Connecting to xxx...
03:06:13	Status:	Connection established, waiting for welcome message...
03:06:14	Response:	220 ProFTPD 1.3.5b Server (nas4free FTP Server) [xxx]
03:06:14	Command:	AUTH TLS
03:06:14	Response:	502 AUTH TLS successful
03:06:14	Command:	AUTH SSL
03:06:14	Error:	Could not connect to server
The log from Nas4free

Code: Select all

Jan 8 03:06:13	nas4free	proftpd[8893]: 192.168.1.2 (xxx[xxx]) - mod_tls/2.6: unexpected OpenSSL error, disconnecting
Jan 8 03:06:08	nas4free	proftpd[8892]: 192.168.1.2 (xxx[xxx]) - mod_tls/2.6: unexpected OpenSSL error, disconnecting
Jan 8 02:58:38	nas4free	proftpd[8859]: 192.168.1.2 (xxx[xxx]) - FTP no transfer timeout, disconnected
Jan 8 02:51:02	nas4free	proftpd[8858]: 192.168.1.2 (xxx[xxx]) - mod_tls/2.6: unexpected OpenSSL error, disconnecting
Jan 8 02:50:56	nas4free	proftpd[8857]: 192.168.1.2 (xxx[xxx]) - mod_tls/2.6: unexpected OpenSSL error, disconnecting
Jan 8 02:47:13	nas4free	root: proftpd service restarted
In the ftptst it looks good:

Code: Select all

Status: Resolving address of xxxx
Status: Connecting to xxxx
Warning: The entered address does not resolve to an IPv6 address.
Status: Connected, waiting for welcome message...
Reply: 220 ProFTPD 1.3.5b Server (nas4free FTP Server) [xxxx]
Command: CLNT https://ftptest.net on behalf of xxxx
Reply: 500 CLNT not understood
Command: AUTH TLS
Reply: 234 AUTH TLS successful
Status: Performing TLS handshake...
Status: TLS handshake successful, verifying certificate...
Status: Received 1 certificates from server.
Status: cert[0]: subject='xxxxxxxxxxxxxx'
Command: USER xxx
Reply: 331 Password required for xxx
Command: PASS  
Reply: 230-Welcome to xxxxx!
Reply: 230 User xxxxlogged in
Command: SYST
Reply: 215 UNIX Type: L8
Command: FEAT
Reply: 211-Features:
Reply: SITE UTIME
Reply: MDTM
Reply: SITE RMDIR
Reply: SSCN
Reply: TVFS
Reply: MFMT
Reply: SIZE
Reply: PROT
Reply: CCC
Reply: SITE MKDIR
Reply: PBSZ
Reply: AUTH TLS
Reply: MFF modify;UNIX.group;UNIX.mode;
Reply: REST STREAM
Reply: MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;
Reply: UTF8
Reply: LANG en-US*
Reply: EPRT
Reply: SITE SYMLINK
Reply: EPSV
Reply: 211 End
Command: PBSZ 0
Reply: 200 PBSZ 0 successful
Command: PROT P
Reply: 200 Protection set to Private
Command: PWD
Reply: 257 "/" is the current directory
Status: Current path is /
Command: TYPE I
Reply: 200 Type set to I
Command: PASV
Reply: 227 Entering Passive Mode (xxxx).
Command: MLSD
Status: Data connection established, performing TLS handshake...
Reply: 150 Opening BINARY mode data connection for MLSD
Status: TLS handshake successful, verifying certificate...
Status: Received 1 certificates from server.
Status: cert[0]: subject='xxxxxxxxxxxxxxx'
Status: TLS session of transfer connection has been resumed.
Listing: modify=xxxxxxx;UNIX.owner=0; .
Listing: modify=xxxxxxx;UNIX.owner=0; ..
Listing: modify=xxxxxxx;UNIX.owner=80; pool_1
Reply: 226 Transfer complete
Status: Success
Does anyone have any idea what is wrong? I think it has something with proftps mod_tls to do?

User avatar
tony1
Moderator
Moderator
Posts: 172
Joined: 14 Jul 2016 19:04
Status: Offline

Re: FTPS and TLS problem

#2

Post by tony1 » 08 Jan 2017 19:42

are you setting the MasqueradeAddress to public (wan) ip address?
try opening port 20 & 21 on the firewall and see if that helps.

Post Reply

Return to “FTP”