0 votes
426 views 4 comments
by

Trying to use FileZilla to connect to my ecommerce store via FTP (upload files, etc.).

Worked fine until RUT950

Responses back are

Response: 550 The network connection was aborted by the local system.

Error: Failed to retrieve directory listing

I know it is something with the RUT950 as I have tried a few other routers and they work fine.

FileZilla is allowed through AV and local computer firewall.

I have tried port forwarding and opening ports to no avail. I am out of things to try, so any help would be greatly appreciated.

Thank you

More Info:

Connection is Require Implicit FTP over TLS

Status: Connection established, initializing TLS...

Status: Verifying certificate...

Status: TLS connection established, waiting for welcome message...

Status: Logged in

Status: Retrieving directory listing of "/web/assets"...

Command: CWD /web/assets

Response: 250 CWD command successful.

Command: PWD

Response: 257 "/web/assets" is current directory.

Command: TYPE I

Response: 200 Type set to I.

Command: PASV

Response: 227 Entering Passive Mode (173,192,91,101,21,24).

Command: LIST

Response: 150 Opening BINARY mode data connection.

Error: GnuTLS error -110: The TLS connection was non-properly terminated.

Status: Server did not properly shut down TLS connection

Error: The data connection could not be established: ECONNABORTED - Connection aborted

Response: 550 The network connection was aborted by the local system. 

Error: Failed to retrieve directory listing

1 Answer

0 votes
by
Hello,

How much time do you have between the LIST command and the GnuTLS error? 110 is ETIMEDOUT; it looks like the second connection doesn't complete.

Check with iptables -n -L -v before and after the error and compare the number of DROP. Maybe this will help you.

Regards,
by
Not 100% sure I understand everything, but will investigate.

Thank you

Also, if I connect through my VPN, FTP works perfectly
by
If it works through a VPN my guess is that the firewall is too restrictive. PASV uses a random port for the data connection (or a random port in a range).

You can check with tcpdump on the router: tcpdump -i any -n -v 'host your_ftp_server_address'. If the TCP SYN of the data connection appears only once, it means it is not forwarded.

Regards,
by
Thanks again for trying to help.

I loaded Wireshark and it looks to me like there are multiple TCP SYN events, but honestly, this is all above my technical level.

I tried opening ports 21-21, 990, 5000-6000 (which appear to be the port ranges potentially being used) all to no avail.

I have used MoFi and Netgear biz routers without ever having an issue. The Teltonika is the only one that has caused me a problem, and the interface is very different than the others.

Maybe I am opening the ports incorrectly? I don't know, seems straightforward.

If I take the Teltonika out of the loop everything works as it should, so I am pretty well convinced it is the RUT950 causing the issues. I am just out of any ideas within my technical boundaries.
by

According to the first post, the FTP server is at 173.192.91.101 and the data port is 5400.

On the router, do tcpdump -i any -n -v -s 0 -w ftp.pcap 'host 173.192.91.101', replicate the failed operation and look at the generated pcap file with Wireshark. Close to the end, you should see a SYN packet coming from the client, and another going to the server. If not, the firewall is dropping the incoming packet. This should be followed by a SYN ACK in the reverse direction, then an ACK.

If you want you can PM me the pcap.

Regards,
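
Added example, not part of the thread: a small Python script that decodes the 227 reply from the first post into the data endpoint and classifies the data-connection handshake in a router capture, counting distinct SYN source addresses so that client retransmissions are not mistaken for the forwarded copy. It assumes one-line text output as printed by `tcpdump -n` (no `-v`) and a router that NATs LAN traffic, so a forwarded SYN shows up a second time with the WAN address as source; the client address, WAN address and capture lines are constructed.

```python
import re

PASV_RE = re.compile(r"227 .*?\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)")
# One-line tcpdump -n record: "... IP src.sport > dst.dport: Flags [S], ..."
PKT_RE = re.compile(r"IP (\d+(?:\.\d+){3})\.(\d+) > (\d+(?:\.\d+){3})\.(\d+): Flags \[([^\]]+)\]")

def pasv_endpoint(reply):
    """Decode a 227 reply (h1,h2,h3,h4,p1,p2) into (host, p1*256 + p2)."""
    m = PASV_RE.search(reply)
    if not m:
        raise ValueError("not a 227 PASV reply")
    n = [int(x) for x in m.groups()]
    if max(n) > 255:
        raise ValueError("PASV field out of range")
    return ".".join(map(str, n[:4])), n[4] * 256 + n[5]

def diagnose(reply, capture_lines):
    """Classify the data-connection handshake seen in a router capture."""
    server = pasv_endpoint(reply)
    syn_sources, synack = set(), False
    for line in capture_lines:
        m = PKT_RE.search(line)
        if not m:
            continue
        src, sport, dst, dport, flags = m.groups()
        if flags == "S" and (dst, int(dport)) == server:
            syn_sources.add(src)      # LAN address, then WAN address after NAT
        elif flags == "S." and (src, int(sport)) == server:
            synack = True
    if synack:
        return "handshake answered by server"
    if len(syn_sources) >= 2:
        return "SYN forwarded, no SYN-ACK came back"
    if syn_sources:
        return "SYN not forwarded by router"
    return "no SYN to data port seen"

# Constructed sample data: only the 227 reply is taken from the thread.
REPLY = "227 Entering Passive Mode (173,192,91,101,21,24)."
DROPPED = [  # client retransmits, nothing leaves the WAN side
    "10:00:01.10 IP 192.168.1.100.50500 > 173.192.91.101.5400: Flags [S], seq 1, length 0",
    "10:00:02.10 IP 192.168.1.100.50500 > 173.192.91.101.5400: Flags [S], seq 1, length 0",
]
FORWARDED = DROPPED[:1] + [
    "10:00:01.11 IP 100.64.0.2.50500 > 173.192.91.101.5400: Flags [S], seq 1, length 0",
    "10:00:01.15 IP 173.192.91.101.5400 > 100.64.0.2.50500: Flags [S.], seq 9, ack 2, length 0",
]

print(pasv_endpoint(REPLY), diagnose(REPLY, DROPPED), diagnose(REPLY, FORWARDED))
```

To run it against a real capture, pass the lines of `tcpdump -n -r ftp.pcap` to `diagnose` together with the 227 line from the FileZilla log of the same session.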