I can connect to FTP but it cannot list the directories, I get the following error:
|Status: |Resolving address of eustorage.quexhost.com|
|---|---|
|Status: |Connecting to 88.99.163.115:50352...|
|Status: |Connection established, waiting for welcome message...|
|Status: |Plain FTP is insecure. Please switch to FTP over TLS.|
|Status: |Logged in|
|Status: |Retrieving directory listing...|
|Command: |PWD|
|Response: |257 / is the current directory|
|Command: |TYPE I|
|Response: |200 Switching to Binary mode.|
|Command: |PASV|
|Response: |227 Entering Passive Mode (88,99,163,115,98,233).|
|Command: |LIST|
|Error: |The data connection could not be established: ECONNREFUSED - Connection refused by server|
|Error: |Connection timed out after 20 seconds of inactivity|
|Error: |Failed to retrieve directory listing|
How can I solve this? I have passive mode on in /etc/vsftpd.conf settings.
Did you modify directives pasv_min_port and/or pasv_max_port in vsftpd.conf file?
I’m asking because if we check the port that is using the passive mode, it is 25321 (98*256+233) and that port is not in the range 12000-12100 (default in HestiaCP).
If you modified the port range in vsftpd.conf file, remember to create a firewall rule to allow those ports.
That allows port 21, port range from 12000 to 12100 and port 50352 so for example, it doesn’t allow port 25321 as I showed you in above post.
Change pasv_max_port to 12100 and restart vsftpd or if you want to use another range, choose no more than 100 ports and modify the firewall rule to fit that ports.
Then redirect a range to your server, configure your vsftpd to use the same range you have redirected (modify pasv_min_port and pasv_max_port) and add the firewall rule for that range of ports.
That should be pasv_min_port=50356, change it and restart vsftpd.
For the rest, you are announcing your external ip using pasv_address and that is good and you have the right firewall rules.
Also, in the example connection you sent, the port for passive mode to be used is 50359 and that should work with your conf.
Just in case, show the output of:
iptables -S
The only thing I can think is that you are not redirecting correctly the ports from your VPS Panel to your server or it is failing for some reason.
If you have a test user I could test, you could send me a private message with the user name and password to test whether I receive the same error from my side.