I have created the NAT rules in the firewall as requested now I still can not login to FTP server
Which rules did you create and where?
I have at the firewall the port range 12000-12100 NAT at webserver of course also the port 21
But if you are using nat you should redirect those ports from your router to your Hestia server.
yes exactly I have a Mikrotik router there were exactly the same ports forwarded
I suppose vsftpd is up and running:
lsof -i:21 -sTCP:LISTEN systemctl status vsftpd
If you share your domain or ip, I can try to access to your ftp.
it seems that the services are working
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
vsftpd 1320250 root 3u IPv4 72040115 0t0 TCP *:ftp (LISTEN)
- vsftpd.service - vsftpd FTP server
Loaded: loaded (/lib/systemd/system/vsftpd.service; enabled; preset: enabled)
Active: active (running) since Wed 2023-11-01 20:34:27 CET; 14h ago
Process: 1320249 ExecStartPre=/bin/mkdir -p /var/run/vsftpd/empty (code=exited, status=0/SUCCESS)
Main PID: 1320250 (vsftpd)
Tasks: 1 (limit: 154543)
`-1320250 /usr/sbin/vsftpd /etc/vsftpd.conf
If service is up and running, you opened the ports in Hestia firewall and you redirected the ports too in your router… from where you are testing the connection? I’m asking because if you are trying to reach your public ip from inside the private network it won’t work, if that is the case search info about Hairpin NAT.
the problem appears with external connections. have also tried internal but with internal attempts connection is rejected, so password is not accepted
But is rejected trying to connect using the public address from internal netwrok or it’s rejected using the internal ip?.
Show the output of:
at this attempt internal IP address 192.168.x.x. was rejected
is it possible to turn off the Passive mode, so from HestiaCP interests
IF you are having problems to connect from external clients using passive mode you will have even more problems using active mode.
Anyway, to disable passive mode, edit file
pasv_enable=NO, save the file and restart the service:
systemctl restart vsftpd
But all seems a firewall issue.
so after deactivating passive mode i get “Permission denied.”
my got no…
so last time i installed proftpd now it works
thanks for the support @sahsanu