I have set up a new NAS using Open Media Vault. I have installed the WebMin extension to get on to the web gui for configuration. My problem is that I have to be on the same network as my NAS. How can I connect to my NAS from a different network than it is connected to? On the network that it is connected to its IP is 192.168.0.99:1000 for the WebMin gui. How can I access this from a different network?
Setup a VPN to connect to the network that your NAS is on. Once the VPN is connected you can connect to the NAS as if you were on the local network.
You could also possibly setup firewall and/or port forwarding rules depending on how your network is setup but please consider the security issues when doing so.
You could alternatively also try to open the NAS and give it a public IP address and a DNS. This will allow you to setup SSH and FTP as it was any other server.
To SSH remotely over the internet, you need either a permanent IP address or a domain name that is updated to point to the IP address when it changes. The latter requires a dynamic domain name service. A good free one is DuckDNS (duckdns.org). First, use one of the sign-in options such as Google. In the domain line enter your preferred subdomain name.
There is a great guide on how you can do this here: https://forums.freenas.org/index.php?threads/how-to-how-to-access-your-freenas-server-remotely-and-securely.27376/
I'm running Filezilla Server 0.9.45 beta to manage my server remotely.
After setting it up, I tested connecting to it using the IP 127.0.0.1, and it worked successfully. However, to connect to the server remotely, I port forwarded to port 21, and tried to connect using my computer's IP.
Status: Connecting to [My IP]:21...
Status: Connection established, waiting for welcome message...
Response: 220 Powered By FileZilla Server version 0.9.45 beta
Command: USER hussain khalil
Response: 331 Password required for user
Command: PASS *********
Response: 230 Logged on
Status: Connected
Status: Retrieving directory listing...
Command: CWD /
Response: 250 CWD successful. "/" is current directory.
Command: PWD
Response: 257 "/" is current directory.
Command: TYPE I
Response: 200 Type set to I
Command: PORT 192,168,0,13,205,63
Response: 200 Port command successful
Command: MLSD
Response: 150 Opening data channel for directory listing of "/"
Response: 425 Can't open data connection for transfer of "/"
Error: Failed to retrieve directory listing
This continues to work locally, but not when connecting remotely... How can I fix this?
I just changed the encryption from "Use explicit FTP over TLS if available" to "Only use plain FTP" (insecure) at site manager and it works!
File > Site Manager > Select your site > Transfer Settings > Active
Works for me.
Most of the answers here involves configuring, actually just by adding sftp:// on your host (see below image) you can instantly fixed that kind of problem, works for me.
And also take note that if you follow Vaggelis guide you are lowering your security, sftp is better than using plain ftp.
I just changed the encryption from "Use explicit FTP over TLS if available" to "Only use plain FTP" (insecure) at site manager and it works!
When you send the port command to your server, you are asking the server to connect to you (on the remote network). If the remote network also has a NAT router, and you have not port-forwarded the port you are sending with your PORT command, the server will not be able reach you.
The most common solution would be to send the PASV command to the server instead of the PORT command. The PASV command will ask the server to create a listening socket and accept a connection from the remote machine to establish the data connection.
For the PASV command to work, you will also need to port-forward a range of ports for the passive data connections. The passive connection ports (which need to be forwarded) should be listed in the FileZilla documentation.
Ok this helped a lot, I couldn't find a fix.
Simply, I already port forwarded the FTP port to my server. (The default is 14147, I'll use this as example)
Go to Edit > General settings, Listening port should be the one your using, in this case 14147.
Then go to Passive Mode Settings, I checked "Use Custom Port", and entered in the Range 50000 - 50100.
Then on your router, port forward 50000 - 50100 to the server IP locally.
IPv4 specific settings I left at default, reconnected my client, and bam now the file listing appears.
Ensure your servers firewall has an inbound rule set to accept 14147, and 50000-50100.
Basically what Evan stated. I can't attest to the security of opening these ports, but this is what finally got my Filezilla client and server to communicate and view files. Hope this helps someone.
My experience is that the new version of Filezilla has this problem, but not the old versions. I was using Filezilla and everything was OK. After I upgraded to version 3.10, I faced this problem and I couldn't solve it. I uninstalled version 3.10 and reinstalled version 3.8 and the problem was gone! Now I am using version 3.8 and everything is OK. I prefer to face no problems even if I have to use old versions. ;)
Try installing the old version and do not upgrade, however odd that may sound.
I solved this by going into Site Manager -> selected the connection that Failed to retrieve directory listing -> Switched to tab "Transfer Settings" and set "Transfer Mode" to "Active" instead of "Default". Also check if you are connected via VPN or anything similar, this can also interfere.
Run Windows Defender Firewall with Advanced Security
Start > Run : wf.msc
I had the same problem-what worked for me -in Windows OS-is adding FileZilla as a firewall exception-under allow a program through firewall features
I've had the same problem, This was due to the firewall. I use windows server,
Can you allow the connection permission for program, intead of port 21,22 permission.
Windows Firewall with Advanced Security->
Inbound Rules->
Add Rule->
Program->
"Select Filezilla path with Browse button"->
Allow the Connection
I had Filezilla 3.6, and had the same issue as OP. I have upgraded to 3.10.3 thinking it would fix it. Nope, still the same.
Then I did a bit digging around the options, and what worked for me is:
Edit -> Settings -> FTP -> Passive Mode and switched from "Fall back to active mode" to "Use the server's external IP address instead"
I experienced the same problem with FZ-client, while my notebook connected via WLAN and DSL/Router. In the Site Manager connection settings I was applied Host:ftp.domain-name, Encryption:Only use plain FTP (insecure) and User:username#domain-name. Then the FTP-client succesfully connected to my website server.
More FTP connection information could be found in the CPanel of the webserver. Hope this helps.
It worked for me:
General -> Encryption -> Only use plain FTP
Transfer settings -> Transfer Mode -> Active
Consider that it is very insecure, and must be used only for testing.
After about 2 hours experience;
Open > Windows Defender Firewall with Advanced Security
Select > Inbound Rules
Click > New Rule...
Choose > Custom
Choose > This program path:
Click > Browse
Find > filezilla-server.exe (possibly C:\Program Files\FileZilla Server)
Click > Open
Click > Next
Click > Next
Click > Next (Allow the connection is already selected)
Click > Next (if you do not need change)
Fill > Name
Click > Finish
I also had the problem after upgrading to 3.10. I had versoin 3.6.02 hanging around and installed that. Problem solved.
I had that problem with my server hosted in the cloud. I only need the server a couple of times a year and so when I boot up my server the IP address changes. The new IP address then has to be updated on FTP Server passive mode settings!
The latest version of Filezilla works just fine!
If you're using VestaCP, you might want to allow ports 12000-12100 TCP on your Linux Firewall.
You can do this in VestaCP settings.
Check if the ip address on the router is the same with the one on the ftp server. If not make sure it is the same. This should works perfectly.
In my case, restarting my router which I used to connect to the internet worked. I think too much of connections were going from the same IP Address and when I restarted my router, possibly a new IP was assigned and now everything works fine, and passive mode gives good speed in directory listing.
My issue was also the firewall. I'm using a Linux server with WHM/cPanel. Adding my IP to the quick allow solved my issue. I hadn't updated Filezilla and I don't think there were any changes to the server that should have caused it. However, I did move and my IP changed so maybe that was the problem. Good luck to everyone else with this insanely annoying issue.
The issue of mine was the same but the solution was a little different.
I used the AWS EC2 server to host the WHM service. And found that "the passive ports are enabled, but not these Ports are not found in my EC2 Security Group".
[root#94367392 ~]cPs# egrep -i passiveport /etc/pure-ftpd.conf
Output:
PassivePortRange 49152 65534
Now I moved ahead and opened the ports from 49152 to 65534 in the Security group of EC2 and the Filezilla problem related to "Failed to retrieve directory listing" was solved and it worked like a charm.
This cPanel doc is helpful.
I've seen solutions that involve granting FileZilla full access via windows firewall. This is an alternative to that, if you know the IP of the connecting system and it's static, simply grant it full access to all ports via windows firewall.
Windows Firewall, Inbound Rules > Create a Rule > All Local Ports > Scope > This IP Address (the IP of the connecting system).
To me this is much safer than granting full access to FileZilla to all incoming ip addresses.
Once you've completed your transfer, you can then disable the rule.
I tried all the solution, i used CyberDuck and it works..
Now in FileZilla, create a new Account
1. Host is the FTP Address - e.g. ftp.somewhere.com
2. Protocol is "SFTP-SSH File Transfer Protocol"
3. User ID is your Bluehost User Id
4. Password is your Bluehost Password
5. Click "Connect" to establish a connection with Directory Listing!
This resolve the issue with 3.10 for me. And I'm glad to have the Secure Access for all of my future file transfers. It should prevent security issues in the future.
This seems like it should be beyond simple, so I hate asking. But I've tried to configure Windows Firewall to allow XDebug to connect to PHPStorm on port 9000 without success.
XDebug is on on Vagrant Box with private network connection--so the host machine has a virtual network adapter. Vagrant is 192.168.33.10 and the host PC is 192.168.33.1.
With Windows Firewall disabled, XDebug connects to PHPStorm. But I obviously don't want to leave my firewall off.
So I've tried to open a port in Windows Firewall with the following Inbound Rule settings:
General
Enabled: Check
Action: Allow the connection
Program and Services
All programs that meet the specified conditions: Checked
Services
Apply to all programs and services: Checked
Protocols and ports
Protocol type: TCP
Local port: Specific Ports : 9000
Remote port : All Ports
Scope
Local IP address
Any IP address: checked
Remote IP address
Any IP address: checked
Advanced
Profiles
Domain: checked
Private: checked
Public: checked
Interface types
All interface types: checked
Edge traversal: Block edge traversal
But it's not working to allow XDebug to connect to PHP storm. I've also tried setting the protocol to UDP. And I'm aware that if this rule did work, it would be excessively open (I could tighten up the scope), but for the moment I just want to see it work before tightening it.
There is a problem with Virtualbox network host-only interface since it is loopback interface and Windows manage it in a diffrent way.
Easy way to solve this is to open 'regedit'. Search for 'HKLM:\system\CurrentControlSet\control\class{4D36E972-E325-11CE-BFC1-08002BE10318}'. There is plenty of interfaces. Simply look one named 'VirtualBox Host-Only Ethernet Adapter'. Then add new DWORD(32) key named '*NdisDeviceType' and value '1' (hex). Reboot.
I don't know if there is a need to add standard fw rules like host port 9000 allow for all, since i had it already.
More about it - http://brianreiter.org/2010/09/18/fix-virtualbox-host-only-network-adapter-creates-a-virtual-public-network-connection-that-causes-windows-to-disable-services/
The simplest approach that I found: Windows Advanced Firewall (where you add/remove rules) -> right-click -> Properties (another place for en/disabling Local/Domain/Public firewalling)
Each off the three scopes (Local/Domain/Public) has a setting to exclude firewall-processing for specific network interfaces completely (!)
Turn of windows firewall for any vmware/virtualbox network interface. (unless you require it against your virtual machine)
This will allow any connection from your guest, to your host machine.
In general, it's easier to not specify rules in terms of protocols or port ranges. Rather, just let the the program executable have a firewall exception for everything. So instead of creating a rule for port 9000, just create a rule for "xdebug.exe", but don't limit it to just port 9000.
Control Panel->Windows Firewall -> click "Allow an app or feature through Windows Firewall", then add xdebug.exe (or whatever the executable name is). This will add a new set of inbound rules (one for UDP and another for TCP). Go back to the advanced settings page, find the new inbound rules that were created, and inspect each to validate thatl the "Scope" checkboxes are set (private, domain, public).
There's a way to turn on firewall logging so you can discover what is getting blocked when the firewall is on. Then you can add rules as appropriate.
http://technet.microsoft.com/en-us/library/cc787462(v=ws.10).aspx
If you have a NAT adapter on your box in addition to virtual adapter, you can change xdebug config in php.ini xdebug.remote_host parameter to the IP of physical interface on your machine. Easiest way to find out is to try to telnet to 9000 port.
I developed a client/server simulation application. I deployed client and server on two different Windows XP machines. Somehow, the client is not able to send requests to the server.
I tried below options:
Pinged server machine successfully from client using ip-address.
Pinged client machine successfully from server using ip-address.
Checked netstat command line tool from both machines. Server is in LISTENING mode and client is in SYS_SENT mode. But the foreign address it is using to send is host name not the ip address.
Pinged server machine unsuccessfully using host name from client.
Pinged client machine successfully using host name from server.
I feel the problem is when the client is trying to connect to the server using the host name.
Could you please let me know how to force an application to use an ip address instead of a host name? Is there any other way to map the host name to an ip address?
Go to your client machine and type in:
nslookup server.company.com
substituting the real host name of your server for server.company.com, of course.
That should tell you which DNS server your client is using (if any) and what it thinks the problem is with the name.
To force an application to use an IP address, generally you just configure it to use the IP address instead of a host name. If the host name is hard-coded, or the application insists on using a host name in preference to an IP address (as one of your other comments seems to indicate), then you're probably out of luck there.
However, you can change the way that most machine resolve the host names, such as with /etc/resolv.conf and /etc/hosts on UNIXy systems and a local hosts file on Windows-y systems.
Try tracert to resolve the hostname. IE you have Ip address 8.8.8.8 so you would use; tracert 8.8.8.8
You could use a C function getaddrinfo() to get the numerical address - both ipv4 and ipv6.
See the example code here
This is hard to answer without more detail about the network architecture. Some things to investigate are:
Is it possible that client and/or server is behind a NAT device, a firewall, or similar?
Is any of the IP addresses involved a "local" address, like 192.168.x.y or 10.x.y.z?
What are the host names, are they "real" DNS:able names or something more local and/or Windows-specific?
How does the client look up the server? There must be a place in code or config data that holds the host name, simply try using the IP there instead if you want to avoid the lookup.
Windows XP has the Windows Firewall which can interfere with network traffic if not configured properly. You can turn off the Windows Firewall, if you have administrator privileges, by accessing the Windows Firewall applet through the Control Panel. If your application works with the Windows Firewall turned off then the problem is probably due to the settings of the firewall.
We have an application which runs on multiple PCs communicating using UDP/IP and we have been doing experiments so that the application can run on a PC with a user who does not have administrator privileges. In order for our application to communicate between multiple PCs we have had to use an administrator account to modify the Windows Firewall settings.
In our application, one PC is designated as the server and the others are clients in a server/client group and there may be several groups on the same subnet.
The first change was to use the functionality of the Exceptions tab of the Windows Firewall applet to create an exception for the port that we use for communication.
We are using host name lookup so that the clients can locate their assigned server by using the computer name which is composed of a mnemonic prefix with a dash followed by an assigned terminal number (for instance SERVER100-1). This allows several servers with their assigned clients to coexist on the same subnet. The client uses its prefix to generate the computer name for the assigned server and to then use host name lookup to discover the IP address of the assigned server.
What we found is that the host name lookup using the computer name (assigned through the Computer Name tab of the System Properties dialog) would not work unless the server PC's Windows Firewall had the File and Printer Sharing Service port enabled.
So we had to make two changes: (1) setup an exception for the port we used for communication and (2) enable File and Printer Service in the Exceptions tab to allow for the host name lookup.
** EDIT **
You may also find this Microsoft Knowledge Base article on helpful on Windows XP networking.
And see this article on NETBIOS name resolution in Windows.