Can't set up access to FTP from outside

Hi guys. I have been trying to set up ftp access for a friend of mine to my server. I have the account setup, the share access and all that good stuff. I have been at this for a while now. I have tried a lot of different things and so I'll just tell you what I have done so far because I have tried many different combination of things and nothing. Before that, I can tell you that locally I can ftp to the share fine. If I use the internal IP that is. Once I change that to the domain name(ddns), no access. I have forwarded the individual port and also used a range for passive access which I also enabled on the server with no luck. I have tried with and without passive mode on. I was using just ssl access so I went back and added the other ports to the router so I could check the non ssl access to the server which works fine. So I have checked that. I have used port 21, and others just to see if the server would take it, but nothing worked. I did this because I noticed that filezilla automatically defaults to port 21 which makes sense but still didn't work when that port was forwarded. Now the default router ports are 20:21 so this is the reason I was using other port numbers and the range without the internal port so that it would just chose whatever port is available to prevent conflict with the router ftp. Still nothing. I went and read about changing some settings under the passive and active tab in filezilla but even then still nothing. So I thought I change to winscp just to test this out and here's the message I get there. I have also added the filezilla error I get when trying to connect.

I also forgot to ask, is FTP a plugin? I wanted to uninstalled it but didn't find a plugin for it.

I just got this other error on here after I hit submit.

Here are the ftp settings.

Zitat von subzero79

Can you please post here your configuration, in terminal as root

omv-confdbadm read --prettify co
nf.service.ftp

Sure. Here it is...

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Fri Aug 18 23:09:39 2017 from desktop3d
root@nas8:~# omv-confdbadm read --prettify conf.service.ftp
{
"allowforeignaddress": false,
"allowrestart": false,
"anonymous": false,
"displaylogin": "",
"dynmasqrefresh": 0,
"enable": true,
"extraoptions": "",
"identlookups": false,
"limittransferrate": false,
"masqueradeaddress": "",
"maxclients": 5,
"maxconnectionsperhost": 4,
"maxdowntransferrate": 0,
"maxloginattempts": 5,
"maxpassiveports": 65534,
"maxuptransferrate": 0,
"minpassiveports": 49152,
"modules": {
"mod_ban": {
"rule": []
},
"mod_tls": {
"enable": true,
"extraoptions": "",
"nocertrequest": false,
"nosessionreuserequired": false,
"required": false,
"sslcertificateref": "fa8034fd-6b0e-4235-874b-334249fd0c4a",
"useimplicitssl": false
}
},
"port": 2121,
"requirevalidshell": false,
"rootlogin": false,
"shares": {
"share": [
{
"comment": "",
"enable": true,
"extraoptions": "",
"sharedfolderref": "5b5d2bf4-a4ec-40df-b87b-7215c04173c3",
"uuid": "fba9285f-1e25-4249-ab11-b1e5fd6e1922"
}
]
},
"timeoutidle": 1200,
"transferlog": false,
"usepassiveports": false,
"usereversedns": false
}

Zitat von subzero79

Can you please forward in your router the ftp port and the passive port range to te server.
Also fill in the masquerade address your current public IP address or if you have a personal domain dynamically mapped to your router is also fine.
Report back if then works with ftps from wan. Is correct to use explicit. Don't use implicit.

Subzero79, thanks for the info. I believe I got it working now. I went ahead and put all the info in one port forwarding entry in the router, but apparently this router doesn't like it like that. So I had to add the range in one line and the individual port on another. It worked right after that. The range is the one with the colon in between and that's how this router uses that. As for the client I think I tried all of the settings and maybe the implicit was the last one I tried. I found I don't need to put in a masquerade address once I did it this way and it just worked. I do have a question on that IP, does that refer to the dyndns.com address for example or the router ip address from the isp? I don't have a domain server at home so I'm still not clear on what that one may be. Anyway, now I was able to type ftp://dyndns address:port number and it works fine from there too, so this is how I was able to also test it here. I just have to try to remember all these port numbers I'm using.

gderf, I don't think I was able to get to that folder using sftp last time I tried. I only used root and that only went to the system c drive if I remember correctly. I wouldn't mind trying that if you have a short write up I can look up. I'm just glad I can actually use it now, so thanks for your help, I really appreciate it. I do rather use a more secure connection whenever possible. Eventhough my certificate is expired it still pops up. Is that any good?

Hey guys! I finally got my friend to test out the ftp, but I was wondering, is there any way to get ftp stats? Meaning I have no way of seeing their connection or anything like that. I was trying to figure out how fast the transfers were, but there's nothing in the ftp plugin. He also said that when he tried it on from the browser, it also didn't tell him anything about the speed. So this is why I'm asking if we can get something like that on here. We did try a slightly bigger file and he said it would take about 20 minutes for like a 170 meg file which I thought was slow, but that may just be my internet connection. Well that was my deduction since the server is new and he has a faster line than I do. I also can't see who connected or when. So I just thought I mention it.