LinkSys: FTP Server Won't Work, Tried Everything
Ryan R. Rosario
I just bought a LinkSys BEFSRU11 and I am trying to setup Serv-U 3.0
to run an FTP server. I have tried forwarding the port I would like to
use (11) to the IP address of the computer running ServU. I have
disabled DHCP. I am able to connect to the server via the LAN address
and the WAN address from another computer on my LAN, but outside users
(such as dial up) cannot login. The FTP client acts as if the server
does not even exist.
I have tried everything: port forwarding, DMZ, PASV on client,
forwarding PASV ports, and I can't get it to work. The FTP server is
invisible to outside users.
Can anybody help me out? I am ready to give up.
Thanks,
Ryan
Chelm
Lars M. Hansen
FTP is an unforgiving protocol. Use standard ports.
Lars M. Hansen
http://www.hansenonline.net
yck
Also, there's a problem with Linksys routers such that port forwarding
goes haywire between two machines on two different linksys routers.
i.e.
Say you forwarded port 21 to 192.168.1.10 on your linksys.
Someone behind their own linksys would try to connect using their ftp
client. When that client sends a PASV command to establish a passive
ftp connection, your server will return 192.168.1.10 as the ip address
which the client will try to access. The client's linksys thinks
192.168.1.10 is on its own LAN and hence the communicatin fails.
Make sure to get a FTP server that will let you specify what address
PASV command will return. Bulletproof server (G6 FTP server) is one
of them.
Also, get an ftp server that'll let you specify range of ports used by
PASV command so that you can forward those ports as well.
Young.
On 19 Nov 2001 18:42:17 -0800, rrosa...@my-deja.com (Ryan R.
Dr. Bob
>Make sure to get a FTP server that will let you specify what address
>PASV command will return. Bulletproof server (G6 FTP server) is one
>of them.
G6 FTP Server worked locally with WS_FTP at host name 127.0.0.1 when I
first installed it, but it did not work with its own BPFTP Client. Now
it won't even work with WS_FTP.
It gave these messages:
+++++
FTP Server On-line : IP(s) 192.168.1.10, on port 21
connected to ip : 127.0.0.1
421 Server is closed, no more connections are allowed.
connection failed : No more connections allowed, server is closed.
disconnected.
+++++
Really weird, but typical.
Dr. Bob
The difference between a winner and a loser
is that a loser never risks failure.
Dr. Bob
Cancel that question below - I finally figured out what was wrong.
Some button got pushed into the inactive mode.
I am going to test the G6 FTP Server from behind two Linksys routers
when my son gets back to the university. I will let you know what is
happening.
=====
LLLOOO
FTP client PORT commands must be:
1) UPPERCASE and
2) On the standard FTP port 21
in order to be automatically translated by a Linksys router.
Details
When clients behind the Linksys router try to FTP out on standard
ports, the router does some behind the scenes manipulation of PORT
commands - replacing the client machine's LAN IP with the real
internet IP. However I have realized (after much cursing and swearing)
that the router will only translate PORT commands sent in UPPERCASE. I
had at some point turned on the option in BulletProofFTP to use
lowercase commands. The router was then no longer translating my PORT
commands, and I was forced to use PASV mode, or was unable to FTP at
all. Once I turned off the option to use lowercase, or moved to a
client program that sends uppercase commands (LeechFTP), everything
was fine.
Technical Background
As you communicate with the FTP server, you have a choice between
using PORT of PASV (passive) modes. In port mode, your FTP client
tells the server an IP and port that it should connect to you in order
to do the next transfer. The problem is that IP the your client sends
to the server is the computer's IP on the internal LAN (i.e.
192.168.1.100).
> PORT 64,255,2,232,16,94 200 PORT command successful
The server then has to try to open a connection to that IP. That
cannot happen, because 192.168.1.100 isn't a valid internet IP. (In
fact, some FTP servers will complain that the ip does not match the
address that already has the control connection open - and will give a
"500 - Illegal port command" error.)
> port 192,168,1,101,16,92 500 Illegal PORT command
Fortunatly, the Linksys router (with a high enough firmware version -
I'm not sure which one) can watch for PORT commands, and will replace
the mention of the internal LAN IP sent in the packet, and replace it
with the real IP of the router on the internet. I assume that it also
replaces the port specified by the client with one of its own
available ports. Any subsequent packets arriving on that port
(presumably from the FTP server) will be automatically forwarded to
the client machine who initially sent out the PORT command.
> PORT 192.168.1.101,15,34 200 PORT command successful
In addition to this behavior being undocumented, it only works on the
STANDARD FTP PORT 21. If you connect to an ftp server that is running
on some other port, the router will not intercept and translate your
PORT commands. In addition, the router seems to only translate PORT
commands when the PORT command itself is sent in UPPERASE. If the
command is in lowercase, then the router WILL NOT TRANSLATE THE PORT
COMMAND, and pass it off unaltered to the FTP server.
Posted Via Usenet.com Premium Usenet Newsgroup Services
----------------------------------------------------------
** SPEED ** RETENTION ** COMPLETION ** ANONYMITY **
----------------------------------------------------------
http://www.usenet.com
yck
running ftp servers behind my linksys.