Articles in this section

See more

Secure FTP connection is not working in Plesk if external firewall is used

Avatar
Pavel Rozental
Updated
Follow

Symptoms

  • External firewall is used.
  • Secure FTP connection is not working in Plesk if external firewall is used:

    CONFIG_TEXT: 425 Unable to build data connection: Connection timed out

    OR

    CONFIG_TEXT: Timeout detected. (data connection) Could not retrieve directory listing Error listing directory '/'.

  • nf_conntrack_ftp module is loaded and it is possible to connect to the server via FTP in passive mode if non secure connection is used:

    # lsmod | grep ftp
    nf_conntrack_ftp 18638 0
    nf_conntrack 133053 6 nf_nat,nf_nat_ipv4,xt_conntrack,nf_conntrack_ftp,nf_conntrack_ipv4,nf_conntrack_ipv6

Cause

When secure FTP connection is used nf_conntrack_ftp is not working.

External firewall can not open ports because information that FTP server passes to the client is encrypted.

Resolution

  1. Open needed passive port range in external firewall

  2. Open the file /etc/proftpd.conf in any text editor and place the content below to the Global section as follows:

    <Global> 
    ...
    ...
    PassivePorts 49152 65535
    </Global>

    Note: Starting from Plesk Onyx, passive ports can be defined in /etc/proftpd.d/55-passive-ports.conf file.

  3. Restart xinetd service to apply changes:

    # service xinetd restart

Comments

0 comments

Please sign in to leave a comment.

Have more questions? Submit a request

Related articles