Cannot Connect to FTP Passive Mode in 12.0.18

[Michael_ J_Herm]

I upgraded to 12.0.18 from the latest version of 11 yesterday and now Passive Mode is not functioning when connecting to FTP; worked with no problem on 11. Below is the log:

Status:	Resolving address of ftp.website.com
Status:	Connecting to xxx.xxx.xxx.xxx:21...
Status:	Connection established, waiting for welcome message...
Response:	220 ProFTPD 1.3.5 Server (ProFTPD) [10.0.0.xxx]
Command:	USER admin
Response:	331 Password required for admin
Command:	PASS ********
Response:	230 User admin logged in
Command:	SYST
Response:	215 UNIX Type: L8
Command:	FEAT
Response:	211-Features:
Response:	 TVFS
Response:	 MFMT
Response:	 SIZE
Response:	 PROT
Response:	 CCC
Response:	 PBSZ
Response:	 AUTH TLS
Response:	 MFF modify;UNIX.group;UNIX.mode;
Response:	 REST STREAM
Response:	 MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;
Response:	 UTF8
Response:	 LANG en-US*
Response:	 EPRT
Response:	 EPSV
Response:	 MDTM
Response:	 SSCN
Response:	211 End
Command:	OPTS UTF8 ON
Response:	200 UTF8 set to on
Status:	Connected
Status:	Retrieving directory listing...
Command:	PWD
Response:	257 "/" is the current directory
Command:	TYPE I
Response:	200 Type set to I
Command:	PASV
Error:	Disconnected from server: 10053
Error:	Failed to retrieve directory listing

I have followed these instructions to add the passive ports: http://wpguru.co.uk/2014/03/how-to-allow-passive-ftp-connections-in-plesk-on-amazon-ec2/ (I am on an EC2 and open the ports in AWS Console for the VPC as well). The only thing I didn't do in those instructions is the "MasqueradeAddress xxx.xxx.xxx.xxx" part because that returns a "Could not connect to server" when its in the conf. I do not have the firewall module installed for Plesk and I have the CentOS internal firewall set to allow all ports since I limit the ports through the VPC on AWS. Anyone have a clue what the issue could be? I can work around this myself but I don't want to require my clients to do any extra work to connect to FTP.

 

[tinker]

I had a similar problem. Running 'service iptables status' looked like the ports were open, but trying to access via telnet showed they were not. Activating the Plesk firewall gave me remote access to MySQL (which was causing me problems as port 3306 was blocked according to telnet, but not according to 'service iptables status').
Creating a custom rule in the Plesk firewall to give access to a range of ports (50000-65000) made my ftp work, I subsequently changed this to 50000-50100 and set in /etc/proftpd.conf as well, and ftp continues to work.
So, if you can get someone to respond and explain how/why iptables does not reflect what is happening with Plesk firewall (even though not activated), you should be able to get a fix. Have you rebooted since updgrade?

 

[InderS]

Please try : http://kb.parallels.com/en/1240

 

[mherm88]

I figured it out myself after hours of Parallels support telling me it had nothing to do with Plesk or the server and blaming me for external firewall issues. I did need to put the PassivePorts in the <Global> section and I also needed to put MasqueradeAddres before the <Global> section, now everything works fine.