Question ftp problem behind firewall

[Maxwell Banks]

Hi!

I have a plesk server at centos 7 wiht local ip, because I have a FW with public ip with port forward.
All server work great, except ftp service (proftpd)

If I try access ftp from linux ftp client, the server respond ok, and I can make a dir and recieve all directory, but before to recieve the directory say:

ftp> dir
229 Entering Extended Passive Mode (|||12750|).
150 Opening ASCII mode data connection for file list

Allways from Windows and when at linux put passive command I recieve:

ftp> passive
Passive mode: off; fallback to active mode: off.
ftp> dir
200 EPRT command successful
425 Unable to build data connection: Permission denied

I fix it the problem puting a comment at line
#MasqueradeAddress XX.XX.XX.XX #Public IP
at virtual host section at file

/etc/proftpd.d/50-plesk.conf

... but these file say at header:

#ATTENTION!
#
#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,
#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.

Where is the correcte place to change these configuration?

Thanks a lot!

Maxwell.

 

[IgorG]

I suppose that this thread will give you right direction - https://talk.plesk.com/threads/microupdates-overwrite-passiveports.332608/

 

[Maxwell Banks]

Hi Igor!
I read the below article, but have example to add properties adding a conf file at /etc/proftpd.d/ directory, but I don't add any property. I need remove a existen property at 50-plesk.conf

I have any way to remove the MasqueradeAddress attribute?

Thanks a lot!

Maxwell.

 

[Conny Tigerspice]

I have exactly the same question. Did you solve it, Maxwell?

 

[AYamshanov]

Hi Conny Tigerspice,

Do you have configured port forwarding? What port(s) are you have configured? Could you please post your FTP-client's logs?

 

[Conny Tigerspice]

Hi Conny Tigerspice,

Do you have configured port forwarding? What port(s) are you have configured? Could you please post your FTP-client's logs?

Hi AYamshanov,
I'm sorry, I'm completely new to plesk and did not set up the system. Could you tell me where to look this up?

 

[AYamshanov]

Hello,

I suggest starting with documentation

• If your Plesk deployed from one of our images in Clouds, then use this link: Plesk Installation and Upgrade on Public Cloud Services .
• And one more link from Administrator's Guide: (Plesk for Linux) Configuring Passive FTP Mode

Typically, need to configure a firewall to allow a port range for passive FTP. If you can't resolve an issue, I suggest creating a new forum thread, describe your installation (OS version, Plesk version), provide logs from FTP-client and a text of the error.

 

[Conny Tigerspice]

Thank you for the links, I'll look into them!

I don't think that it is neccessary to create a new post, because basically I have a solution. The FTP is working if I remove MasqueradeAddress from the file /etc/proftpd.d/50-plesk.conf, but as the author wrote: he did not know how to just remove one line from this file.

What I'm doing at the moment is that I created a new file /etc/proftpd.d/nomasquerade.conf and copied the contents of the other file into it without the MasqueradeAddress line. Then I changed the file /etc/proftpd.conf to not include the 50-plesk.conf any more. I'm not sure if this is how it has to be done, but it is working for now...

 

[Bonsai78]

@AYamshanov: It can be the case, that everything on passive mode is configured properly, but it is still failing, becasue the MasqueradeAddress. See: Question - How to remove ProFTP default setting - update stable?