zimbot 10-17-2016 10:22 PM

ftp server not accepting connections
 
I have a situation where I am hoping someone can help me see what I am missing.

I have a CentOS 7 64 server, web and FTP.
This machine is located behind a PIX firewall.
I have holes poked in the firewall ( eq ftp & eq www & icmp (ping) ).
This server replaced an old CentOS 5.8 machine that finally gave out.

The IP number is the same as the old server's - it worked.

It almost "behaves" like it does *not have ACL holes in the PIX firewall.

If I am "inside" my network - inside the PIX firewall - I can FTP to it.
But outside the firewall - I cannot ping, nor FTP to it.

I do a sho conf on the PIX firewall -- yep, ACL holes poked.

What could it be?

TenTenths 10-18-2016 03:21 AM

Quote:

Originally Posted by zimbot (Post 5619435)
What could it be?

Could be iptables firewall running on the new server.

rkelsen 10-18-2016 06:56 AM

ftp server not accepting connections
 
port forwarding?

zimbot 10-20-2016 12:11 PM

In regard to whether my firewall or iptables is on:
I think firewall and iptables are OFF.
But ... maybe I am wrong.

Here is this - which I think* proves FW / iptables is not part of the situation:



systemctl disable firewalld



[pps@mixer ~]$ systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: inactive (dead)

Oct 14 15:43:37 mixer.theppsgroup systemd[1]: Stopped firewalld - dynamic firew....
Oct 14 17:29:56 mixer.theppsgroup systemd[1]: Stopped firewalld - dynamic firew....
Oct 14 17:31:27 mixer.theppsgroup systemd[1]: Stopped firewalld - dynamic firew....
Hint: Some lines were ellipsized, use -l to show in full.



[root@mixer pps]# service iptables stop
Redirecting to /bin/systemctl stop iptables.service
Failed to stop iptables.service: Unit iptables.service not loaded.
[root@mixer pps]#



I am wondering if ... it could be something regarding chroot - or - passive vs active FTP.

I think vsftpd is configured to use active mode by default.


Could it be that I need to

http://www.itzgeek.com/how-tos/linux...nd-winscp.html

Configure FTP server in passive mode:

In this case, you do not need to modify FileZilla. To change the vsftpd transfer mode from active to passive, edit the configuration file of the FTP server.

# vi /etc/vsftpd/vsftpd.conf

Add the following lines at the end of the file.

pasv_enable=Yes
pasv_max_port=40000
pasv_min_port=40000

Restart the service.

# systemctl restart vsftpd.service


and then I poke a hole in my PIX 515E firewall

for 40000
-????? Maybe I will try that.

Also, I am thinking having the server's iptables & firewall OFF is OK... it is behind a Cisco PIX 515E firewall.


But --- I would be happy to hear from others who might have wisdom.

Thanks!

jims
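
Added example, not part of any post in this thread: a shell script that reads a vsftpd.conf and lists the inbound TCP ports that would have to be permitted and forwarded on the perimeter firewall for the passive-mode setup quoted above. The function names and the sample file are constructed for illustration; the defaults noted in the comments are those documented in the vsftpd.conf man page.

```bash
#!/bin/bash
# Added example (not from the thread): list the inbound TCP ports a vsftpd
# configuration needs permitted and forwarded on the perimeter firewall.

# Print the value of KEY ($2) in a vsftpd.conf-style FILE ($1), lowercased.
# vsftpd syntax is strictly key=value; lines starting with '#' are comments.
# Assumption: if a key is repeated, the last assignment is the one in effect.
conf_get() {
    awk -F= -v key="$2" '$1 == key { val = $2 } END { print tolower(val) }' "$1"
}

pasv_report() {
    conf=$1
    enable=$(conf_get "$conf" pasv_enable)
    min=$(conf_get "$conf" pasv_min_port)
    max=$(conf_get "$conf" pasv_max_port)
    port=$(conf_get "$conf" listen_port)
    addr=$(conf_get "$conf" pasv_address)

    # Control channel: listen_port defaults to 21.
    echo "control tcp/${port:-21}"

    # pasv_enable defaults to YES; boolean values are case-insensitive.
    case "${enable:-yes}" in
        no|false|0) echo "passive disabled"; return 0 ;;
    esac

    # 0 (the default) means "any port", which cannot be pinned on a firewall.
    if [ "${min:-0}" -gt 0 ] && [ "${max:-0}" -gt 0 ]; then
        echo "passive tcp/${min}-${max}"
    else
        echo "passive unbounded"
    fi

    # Behind NAT the PASV reply carries the server's own address unless
    # pasv_address overrides it (or the firewall rewrites FTP replies).
    echo "pasv_address ${addr:-unset}"
}

# Constructed sample: the three lines quoted in the post above, plus a comment.
sample=$(mktemp)
printf '%s\n' '#pasv_enable=NO' 'pasv_enable=Yes' \
    'pasv_max_port=40000' 'pasv_min_port=40000' > "$sample"
pasv_report "$sample"
rm -f "$sample"
```

On the server itself, `pasv_report /etc/vsftpd/vsftpd.conf` gives the same report for the live configuration.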

rkelsen 10-20-2016 06:01 PM

Quote:

Originally Posted by zimbot (Post 5620636)
and then I poke a hole in my PIX 515E firewall

for 40000

OK, but is that port being forwarded to the IP address of the computer you're trying to reach?

zimbot 10-21-2016 04:30 PM

Port forwarding?????????
I do not think so.
There is no forwarding at the switch..

How could I check?
How would I know?

rkelsen 10-21-2016 09:13 PM

Log into your router and look in the port forwarding section.


All times are GMT -5.