Question: Problem with passive FTP on new CloudMan Galaxy instance
0
gravatar for Marco Blanchette
3.8 years ago by
United States
Marco Blanchette10 wrote:

Ok, different but non-lethal FTP problem with the latest CloudMan FTP server. I can't seem to be able to get my clients (either command-line FTP from Mac OSX or FileZila running on mac OSX) stably connect to the server. Only if I turn to active transfer that I'm able to get it work. I first thought that this was intentional but I don't think it is as: 

From the proFTPd config file (/usr/proftpd/etc/proftpd.conf), the passive ports are set to PassivePorts 30000 30100. 

From the CloudMan security groups initialized at start up, the TCP pots 30000-30100 are open to all inbound traffic:

  1.              {
  2.                     "ToPort": 30100, 
  3.                     "IpProtocol": "tcp", 
  4.                     "IpRanges": [
  5.                         {
  6.                             "CidrIp": "0.0.0.0/0"
  7.                         }
  8.                     ], 
  9.                     "UserIdGroupPairs": [], 
  10.                     "FromPort": 30000
  11.                 },

However, I still can't successfully connect to the server unless I turn the transfer to active mode. Can't seem to figure out what my issue is here.

Any help would be appreciated (unless again this is by design).

Thanks

ftp galaxy cloudman • 982 views
ADD COMMENTlink modified 3.8 years ago • written 3.8 years ago by Marco Blanchette10

This is a distinct issue from the others reported about Cloudman and FTP. We are investigating. 

ADD REPLYlink written 3.8 years ago by Jennifer Hillman Jackson24k
1
gravatar for Dannon Baker
3.8 years ago by
Dannon Baker3.7k
United States
Dannon Baker3.7k wrote:

I'm actually having a ton of trouble replicating this.  FileZilla and Cyberduck both work in both Active and Passive mode for me on a fresh cloud instance, uploading multi-gigabyte files, without any security group tweaks, etc.

Do you think there's a chance that this could perhaps be an issue with the network you're running on?

ADD COMMENTlink written 3.8 years ago by Dannon Baker3.7k
0
gravatar for Marco Blanchette
3.8 years ago by
United States
Marco Blanchette10 wrote:

The problem was indeed internal... We have an alias in our dns that maps the address galaxy.sgc.loc to an elastic IP from AWS that is used to map the server. Somehow, this causes the server to lose track of the client IP (the galaxy.sgc.loc is only resolvable within our network). The fix that our IT team came with was to add the following line to the proFTPd setting (well, using the real IP):

MasqueradeAddress     54.122.33.155

Not sure if there is a better more deployable solution that could be implemented but at least, this fixes our issue.

thanks

 

ADD COMMENTlink written 3.8 years ago by Marco Blanchette10

Glad you figured it out, thanks for the update!

ADD REPLYlink written 3.8 years ago by Dannon Baker3.7k
Please log in to add an answer.

Help
Access

Use of this site constitutes acceptance of our User Agreement and Privacy Policy.
Powered by Biostar version 16.09
Traffic: 118 users visited in the last hour