- Plesk for Linux
It is not possible to set up a remote FTP storage in Plesk, neither active, nor passive:
PLESK_ERROR: Error: Unable to access to storage: Transport error: unable to list directory: Curl error: (7) Couldn't connect to server: Last FTP request: PASV Last FTP response: 227 Entering Passive Mode (203,0,113,2,250,1)
Make sure you have entered the correct storage settings. You can check them independently with the command:
curl -v --ftp-pasv --ssl -k -u user 'ftp://203.0.113.2///'
There are no restrictions for the outgoing traffic configured in the firewall on the Plesk server side:
# iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
Manual passive mode connection from the command line fails with an error:
# curl -v --ftp-pasv --ftp-ssl -k -u user 'ftp://203.0.113.2///'
< 227 Entering Passive Mode (203,0,113,2,250,1)
* Trying 203.0.113.2... No route to host
* couldn't connect to host
Manual active mode connection from the command line fails with an error:
# curl -vk --ftp-ssl --ftp-port - -disable-eprt -u user 'ftp://203.0.113.2///'
< 200 PORT command successful
* Connect data stream actively
> TYPE A
< 200 TYPE is now ASCII
< 425 Could not open data connection to port 40000: Connection timed out
tracerouteshows that egress packets to the passive port of the remote FTP are dropped due to the network policy (
!X: communication administratively prohibited):
# traceroute -p 64001 -T 203.0.113.2
traceroute to 203.0.113.2 (203.0.113.2), 30 hops max, 60 byte packets
2 192.0.2.2 (192.0.2.2) 0.124 ms !X 0.163 ms !X *
Note: Remote FTP address and the port from the passive ports range should be used (49152-65535)
tracerouteshows that ingress packets from the remote client to the active port of the FTP are also dropped due to the network policy:
# traceroute -p 40000 -T 203.0.113.199
9 203.0.113.198 (203.0.113.198) 113.442 ms !X 111.218 ms !X 112.097 ms !X
Note: Connection from the remote host to Plesk server should be performed with port in range 1024-65535
Intermediate firewall blocks the traffic on passive and active port ranges.
Contact the service provider, or the network administrator to allow connections to the remote FTP.