Issue Unable to connect to FTP via

Robin McDermott

Basic Pleskian
Server operating system version
AlmaLinux 9.5
Plesk version and microupdate number
Plesk Obsidian 18.0.66 Update #2
I am having trouble connecting to my website via FTP. I am using Filezilla and here is what I get:

Status: Disconnected from server
Status: Connecting to [IP Address]:21...
Status: Connection established, waiting for welcome message...
Status: Initializing TLS...
Status: TLS connection established.
Status: Logged in
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is the current directory
Command: TYPE I
Response: 200 Type set to I
Command: PASV
Response: 227 Entering Passive Mode ([IP Address],240,41).
Command: MLSD
Error: Connection timed out after 20 seconds of inactivity
Error: Failed to retrieve directory listing
Status: Disconnected from server
Status: Connecting to [IP Address]:21...
Status: Connection established, waiting for welcome message...
Status: Initializing TLS...
Status: TLS connection established.
Status: Logged in
Status: Retrieving directory listing...

Replaced my IP address with [IP Address]

Protocol is FTP
Port is 21
The encryption option I have selected is Use explicit FTP over TLS if available.

Port 21 is open on our firewall to my IP address.
 
Perhaps they are not. In filezilla, I am able to get into the site if I specify Active in the Transfer setting and Only Use Plain FTP in the Encryption. Otherwise I am not able to access the site via FTP. So, is it safe to assume that this is the issue?

I have been going around in circles with my hosting company, so I want to be able to tell them exactly what needs to be set on my hardware firewall so that I can access my domains securely.
 
Check the passive ports set in Proftpd:
Bash:
grep Passive /etc/proftpd.* -r
/etc/proftpd.conf:PassivePorts ????? !!!!!

Check the Plesk firewall if the ports are enabled:
Bash:
iptables -S INPUT | grep <?????? = first port from the previous step>
-A INPUT -p tcp -m tcp --dport ?????:!!!!! -j ACCEPT

The range ??????:!!!!! has to be allowed in your hardware firewall. If the range is too big, you can customize it and add a custom rule in the Plesk firewall.
 
I had this exact issue. I fixed it by adding the passive port range (49152-65535) to "My firewall policy" in Cloud servers panel. under network->firewall policies...
 
Back
Top