vsftpd - problems connecting with TLS

[sheffy_llama]

Hi,

I've recently installed and configured vsftpd successfully on a Debian server.

We want to ultimately get rid of plain text passwords for this server so I've set up TLS for vsftpd. FTPES works great from my home using FileZilla and from my bosses home, but in our office the connection stops after the USER command is sent. I have a feeling this is something to do with the network configuration in the office - maybe the NAT or something ??? This is where I get lost.

Using strace on the vsftpd process shows the the connection times out waiting for data from the the client. I've also ngrep'd the connection and it also looks like the server is waiting for more data from the client.

Just to preempt any suggestions for alternatives to FTP, I personally scp all my files from linux machine to linux machine but some people that work for the company need to use secure FTP.

Any help much appreciated!

Col.

[iwanabeguru]

try to enable the following ports in the firewall config

Code:

ftps-data	989/tcp    ftp protocol, data, over TLS/SSL
ftps-data	989/udp    ftp protocol, data, over TLS/SSL
ftps		990/tcp    ftp protocol, control, over TLS/SSL
ftps		990/udp    ftp protocol, control, over TLS/SSL

[sheffy_llama]

Hi,

Thanks for the suggestion. I did give it a try, but it hasn't helped. I'm 90% certain I shouldn't need those ports open for ftp over tls... I only have port 21 open in the firewall configuration and I can connect fine at home over tls.

Anybody have any other ideas?

Thanks.

[iwanabeguru]

how do you connect to your server ? which client do you use?

i think for a secure connection you need a secure client

[sheffy_llama]

Hi,

As I mentioned in my first post, I use Filezilla with using FTPES (FTP over explicit SSL)... these settings work fine from a couple of different home connections, but not from the office.

Thanks.