FTP over Internet problem NSA210

Oxnas 810 based
nathanas
Posts: 9
Joined: Sun Dec 30, 2012 10:57 am

FTP over Internet problem NSA210

Post by nathanas » Sun Dec 30, 2012 11:14 am

Hi there,
I just bought a Zyxel nsa 210 drive and configured everything just fine. The only problem is that I cannot access my FTP from outside my LAN.
Filezilla reports that the server sends his internal ip address and not the external one when its time for data communication.
I have port forwardes everything correctly and the problem is my server. I think its impossible that Zyxel hasn't fixed that bug. It should send internal ip when on LAN connection and external when on external connection. Tha think is that I spent 60$ for a drive to support FTP via internet and this one looks like it doesn't.

I don't use the "PPPoE" & "UPnP Port Mapping" options. I dont need them but if these are necessary to configure for ftp access then let me know.

Has anyone ever got it working easily?

Configuration:
Settings on FTP Server:
Service port: 8072
Data port range: 8060-8069

Settings on router:
Service port: 8072
Data port range: 8060-8069 to FTP Server's IP
-----

Filezila log:

Code: Select all

Status:	Resolving address of nathanas.dyndns.info
Status:	Connecting to 46.198.10.48:8072...
Status:	Connection established, waiting for welcome message...
Response:	220---------- Welcome to Pure-FTPd [TLS] ----------
Response:	220-You are user number 1 of 3 allowed.
Response:	220-Local time is now 13:11. Server port: 8072.
Response:	220-This is a private system - No anonymous login
Response:	220 You will be disconnected after 5 minutes of inactivity.
Command:	USER admin
Response:	331 User admin OK. Password required
Command:	PASS *****
Response:	230 OK. Current restricted directory is /
Command:	SYST
Response:	215 UNIX Type: L8
Command:	FEAT
Response:	211-Extensions supported:
Response:	 EPRT
Response:	 IDLE
Response:	 MDTM
Response:	 SIZE
Response:	 REST STREAM
Response:	 MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
Response:	 MLSD
Response:	 TVFS
Response:	 ESTP
Response:	 PASV
Response:	 EPSV
Response:	 SPSV
Response:	 ESTA
Response:	 AUTH TLS
Response:	 PBSZ
Response:	 PROT
Response:	 UTF8
Response:	211 End.
Command:	OPTS UTF8 ON
Response:	200 OK, UTF-8 enabled
Status:	Connected
Status:	Retrieving directory listing...
Command:	PWD
Response:	257 "/" is your current location
Command:	TYPE I
Response:	200 TYPE is now 8-bit binary
Command:	PASV
Response:	227 Entering Passive Mode (192,168,$$$,$$$,31,130)
Status:	Server sent passive reply with unroutable address. Using server address instead.
Command:	MLSD
You do not have the required permissions to view the files attached to this post.


nathanas
Posts: 9
Joined: Sun Dec 30, 2012 10:57 am

Re: FTP over Internet problem NSA210

Post by nathanas » Sun Dec 30, 2012 12:53 pm

by make it executable you mean...to paste the code to notepad and save it as .exe?
how can I access the usr folder? I don't have the rights to see it even with admin account.

nathanas
Posts: 9
Joined: Sun Dec 30, 2012 10:57 am

Re: FTP over Internet problem NSA210

Post by nathanas » Sun Dec 30, 2012 1:08 pm

Can you make your code to handle LAN connections as well as via internet connections?
Because its crucial for me to have both.
Are there any problems with the FTP if I use this code? I don't mind if the NAS uses more 10-15% CPU or RAM.
I just don't want the NAS to ever freeze.

Code: Select all

#!/bin/sh

# Change in your public IP, or dyndns domain
PUBLICIP=1.2.3.4

Background()
{
   sleep 60

   # Add public ip to the line
   local CURARGS=` cat /var/zyxel/pure-ftpd.arg `
   if echo $CURARGS | grep "\"-P $PUBLICIP\"" 
   then
      exit 0
   fi
   
   echo $CURARGS -P $PUBLICIP >/var/zyxel/pure-ftpd.arg

   # restart pure-ftpd
   /usr/local/sbin/vsftpd_start_silent.sh
}

Background &

Mijzelf
Posts: 6224
Joined: Mon Jun 16, 2008 10:45 am

Re: FTP over Internet problem NSA210

Post by Mijzelf » Sun Dec 30, 2012 1:13 pm

No. Not Notepad, and not .exe. Your NAS is actually a Linux server, and a Linux scripts needs Unix line ending, which Notepad can't provide. On a Windows box you could use PsPad, which supports Unix line endings (can't remember how, somewhere in the menu you have the choice between Windows, Mac and Unix line endings).
Further on a Linux system a file is executable when the executable flag is set. Execute in a Linux shell

Code: Select all

chmod a+x scriptfile.sh
To be able to access the internal filesystem you'll have to use the Telnet backdoor, or FFP.

nathanas
Posts: 9
Joined: Sun Dec 30, 2012 10:57 am

Re: FTP over Internet problem NSA210

Post by nathanas » Sun Dec 30, 2012 3:00 pm

I managed to make a .sh file using PsPad and I hope its in UNIX format.
I post it here so you can tell me if its ok.

The problem now is that I don't know how to copy it to the desired directory but I don't know how.
I use cmd to connect using telnet. The command is "telnet <localip>".
It asks for user & pass and login successful. But the I try the simplest command cd usr and it says it cant cd there.

The script file:
https://dl.dropbox.com/u/28103209/publi ... pserver.sh
You do not have the required permissions to view the files attached to this post.

Mijzelf
Posts: 6224
Joined: Mon Jun 16, 2008 10:45 am

Re: FTP over Internet problem NSA210

Post by Mijzelf » Sun Dec 30, 2012 3:11 pm

The line endings are ok. But the first line starts with some spaces, and the '#!/bin/sh' *must* start at the beginning of the file. (It is the path to the script interpreter. Without it the system doesn't know how to handle the script)

Copy the script to your admin share, then you can copy it to it's destination by:

Code: Select all

cp /i-data/md0/admin/publicip_for_ftpserver.sh /usr/local/zy-pkgs/etc/init.d/
(BTW, I think you'll have to login as 'root' for this. Same password as admin)
And make it executable.

Code: Select all

chmod a+x /usr/local/zy-pkgs/etc/init.d/publicip_for_ftpserver.sh

nathanas
Posts: 9
Joined: Sun Dec 30, 2012 10:57 am

Re: FTP over Internet problem NSA210

Post by nathanas » Sun Dec 30, 2012 3:28 pm

I edited the script file and deleted the spaces.
Logged in as root and entered the 2 commands.
restarted router.
Now I can't connect through LAN (as expected) but not connect also via internet. The server sends the correct public IP but still nothing.

Log over internet access:

Code: Select all

Response:	220---------- Welcome to Pure-FTPd [TLS] ----------
Response:	220-You are user number 2 of 3 allowed.
Response:	220-Local time is now 17:26. Server port: 8072.
Response:	220-This is a private system - No anonymous login
Response:	220 You will be disconnected after 5 minutes of inactivity.
Command:	USER admin
Response:	331 User admin OK. Password required
Command:	PASS **************
Response:	230 OK. Current restricted directory is /
Command:	OPTS UTF8 ON
Response:	200 OK, UTF-8 enabled
Status:	Connected
Status:	Retrieving directory listing...
Command:	PWD
Response:	257 "/" is your current location
Command:	TYPE I
Response:	200 TYPE is now 8-bit binary
Command:	PASV
Response:	227 Entering Passive Mode (46,198,10,XXX,31,129)
Command:	MLSD
Error:	Connection timed out
Error:	Failed to retrieve directory listing

Mijzelf
Posts: 6224
Joined: Mon Jun 16, 2008 10:45 am

Re: FTP over Internet problem NSA210

Post by Mijzelf » Sun Dec 30, 2012 6:23 pm

You should use the Customize the port range for data transfer.-option, and choose a small range of ports (40000-40010, or something like that) and forward this range in your router.

nathanas
Posts: 9
Joined: Sun Dec 30, 2012 10:57 am

Re: FTP over Internet problem NSA210

Post by nathanas » Sun Dec 30, 2012 6:30 pm

Have forwarded ports for data 8060-8069 and maximum users 5 (tested it with max 3 users and has been the same)
forwarded on router and set right in ftp server settings.

(31*256)+129=8065 //which is in the port range for data.

Don't know whats happening

These are the port forward options: (i am port forwarding with the same way some other devices and work successfully. Even other ports on my NAS.)
I don't see the reason why this won't be working.
You do not have the required permissions to view the files attached to this post.

Mijzelf
Posts: 6224
Joined: Mon Jun 16, 2008 10:45 am

Re: FTP over Internet problem NSA210

Post by Mijzelf » Sun Dec 30, 2012 6:53 pm

Strange. It should work. Did you doublecheck the ip address of the NAS? BTW, you only need to forward TCP, FTP doesn't use UDP. But that can't be the problem.

Did you also define the same portrange in the NAS?

nathanas
Posts: 9
Joined: Sun Dec 30, 2012 10:57 am

Re: FTP over Internet problem NSA210

Post by nathanas » Sun Dec 30, 2012 6:56 pm

Yes I defined the same. Now I am trying to do it on 40000-40001 with jsut 1 user connection. If it doesn;t work then I think that its cause of the router. Is locked by my provider and some functions doesn't work. Its the first time I am trying port range forwarding. If this is the issue I will enter each port manually

nathanas
Posts: 9
Joined: Sun Dec 30, 2012 10:57 am

Re: FTP over Internet problem NSA210

Post by nathanas » Sun Dec 30, 2012 8:03 pm

Mijzelf wrote:Strange. It should work. Did you doublecheck the ip address of the NAS? BTW, you only need to forward TCP, FTP doesn't use UDP. But that can't be the problem.

Did you also define the same portrange in the NAS?
It's been a router problem. Now it works just fine. The port range forwarding didn't work.
I changed the Thomson TG782 with Linksys Wag200 and now its ok.

Mijzelf
Posts: 6224
Joined: Mon Jun 16, 2008 10:45 am

Re: FTP over Internet problem NSA210

Post by Mijzelf » Sun Dec 30, 2012 8:15 pm

Ah, great. That also means you can now connect to your FTP server from your LAN. At least my wag200 permits me to access it's external ip address from inside.

nathanas
Posts: 9
Joined: Sun Dec 30, 2012 10:57 am

Re: FTP over Internet problem NSA210

Post by nathanas » Sun Dec 30, 2012 8:21 pm

That happens only if you connect to the static external ip from LAN.

I managed to connect through Internet and transferred a movie with 3.5MB/s which means its using my internal IP for data. Somehow it sees that its a device connected to my router.
But i could see transfer speeds about 15MB/s through my LAN before the settings.Now just 3.5MB/s is there something to with the telnet settings or router port processing that decreases my speed?
Why is this happening? I don't really care. I just want to know.

Post Reply