Can anyone help me test my ftp server? Just trying to see if it can go outside my network. Need someone to PM info to.

Thanks!

Can anyone help me test my ftp server? Just trying to see if it can go outside my network. Need someone to PM info to.

Thanks!

Sure, I'll help you. Send me the info to connect and I'll check it out. :santa:

Ok, info sent. Thanks.

Ok, info sent. Thanks.

Lol, I need the external IP address...:santa2:

We can talk in here, so we have to send back PMs.

So, about that last question, I don't think my server can see the internet.

Also, I can't add that address to allow port forwarding. If I do, it says I can only add 192.xxx.xxx.xxx addresses. I'm using a Dlink router.

We can talk in here, so we have to send back PMs.

So, about that last question, I don't think my server can see the internet.

Also, I can add that address to allow port forwarding. If I do, it says I can only add 192.xxx.xxx.xxx addresses. I'm using a Dlink router.

Ah, you don't need port forwarding, just open up the ports needed for FTP.

If your server can't see the internet, then it is no go.

Well, I tried to connect using the 192.xxx.xxx.xxx on a neighbors connection and I was able to get to my files. The only problem is that I couldn't download them.

Well, I tried to connect using the 192.xxx.xxx.xxx on a neighbors connection and I was able to get to my files. The only problem is that I couldn't download them.

You shouldn't be able to connect unless you are on the same network.

Ah, you don't need port forwarding, just open up the ports needed for FTP.

If your server can't see the internet, then it is no go.

But if I open up the ports for FTP, would I have to use the external IP address or the 192.xxx.xxx.xxx

This is the first time I'm doing this, so I don't know the ins and outs. :D

But if I open up the ports for FTP, would I have to use the external IP address or the 192.xxx.xxx.xxx

This is the first time I'm doing this, so I don't know the ins and outs. :D

If you want to connect to it from the network that the server is on, use the 192.

If you want to connect to it from the internet, you NEED to use the external one.

You shouldn't be able to connect unless you are on the same network.

Yes, I can connect when I'm on my network. Though, when I tried to connect to a neighbor's wireless (using my laptop), going through their network, I was able to get on...almost.

Yes, I can connect when I'm on my network. Though, when I tried to connect to a neighbor's wireless (using my laptop), going through their network, I was able to get on...almost.
Here is a self test for you. Even though your on the same network as your server, you can still try and connect to it through its external IP address. Then you don't need test subjects such as myself!:santa:

But I will gladly help you try and troubleshoot it.

If you want to connect to it from the network that the server is on, use the 192.

If you want to connect to it from the internet, you NEED to use the external one.

When I configure my router to open the FTP using the external ip, it won't let me. It says I need to use a LAN subnet (198.0.0.0).

So, I guess it is not possible? :(

When I configure my router to open the FTP using the external ip, it won't let me. It says I need to use a LAN subnet (198.0.0.0).

So, I guess it is not possible? :(

You need to open the port via your internal IP address, the 192 one.

You need to open the port via your internal IP address, the 192 one.

Ok, done. Does doing public = 1023 and private = 21 good?

Ok, done. Does doing public = 1023 and private = 21 good?

Are you talking ports? Lol, sorry, I've only tried to setup an FTP server, got about as far as you did...

Are you talking ports? Lol, sorry, I've only tried to setup an FTP server, got about as far as you did...

Yes, ports. lol

But I can't use my external ip address in Cerberus. It gives me:

Unable to initialize interface 65.0.131.124 :bang head

Wait a minute. Do I have to use my own IP for my server instead of using "obtain an ip address automatically"?

You need both port 20 and 21 open to run an FTP. FTP uses one of them for handshaking or something, and the actual data is transfered on the other port. Do not "obtain IP automatically" on your server; set a static IP. If you want to access through the internet, you need to forward ports on your router, to your servers IP. Make 20 and 21 be the local port, and some high number be the remote (most ISP's block FTP ports for residential internet service).

Yes, ports. lol

But I can't use my external ip address in Cerberus. It gives me:

Unable to initialize interface 65.0.131.124 :bang head

I tried it again, but it looks like it is waiting for something. It is almost like I'm getting blocked, it takes about 15 seconds before it give me "Page cannot be loaded". So it is seeing something, it just can't connect.

But lets go back to the original question, is the server able to access the internet? If the answer is no, then that is the first thing you must do.:)

I tried it again, but it looks like it is waiting for something. It is almost like I'm getting blocked, it takes about 15 seconds before it give me "Page cannot be loaded". So it is seeing something, it just can't connect.

But lets go back to the original question, is the server able to access the internet? If the answer is no, then that is the first thing you must do.:)

I'm talking to you right now on my server, if that is what you mean about if my server can get to the internet. :)

I'm talking to you right now on my server, if that is what you mean about if my server can get to the internet. :)

Exactly, ok, you know that is working. Now you need to make sure that the settings on your router are good (along with the firewall on the computer you are using).

Ok, good, we are making progress. lol

First, my router has too many settings. Should I open my ports in Virtual Server, QoS Engine and/or in Port Forwarding?

Also, I turn off my Windows Firewall for the time being.

Ok, good, we are making progress. lol

First, my router has too many settings. Should I open my ports in Virtual Server, QoS Engine and/or in Port Forwarding?
Well, try it in everything and see if you are able to access it with the external IP. If it works, then start dropping each one until it stops working.

You need both port 20 and 21 open to run an FTP. FTP uses one of them for handshaking or something, and the actual data is transfered on the other port. Do not "obtain IP automatically" on your server; set a static IP. If you want to access through the internet, you need to forward ports on your router, to your servers IP. Make 20 and 21 be the local port, and some high number be the remote (most ISP's block FTP ports for residential internet service).

I'm using DynDNS. Should I make my static IP the one I'm using through DynDNS?

EDIT- wait, nevermind, that wouldn't work because the router won't let me put in ip addresses other than 192.xxx.xxx.xxx

Also, how did I access it with my external IP?

God I hate networking. :bang head

Ok, TempliNocturnus says I need a static ip address, not the 192.xxx.xxx.xxx.

What ip address would I use?

EDIT- Forget about it. I'm getting a headache over this and I'll just educate myself on what I should do. Thanks for helping.

ftp uses port 21. Log into router and forward port 21 to the local comptuer that is hosting the ftp.

Then go to google and get your external IP address by searching for "whats my ip address". Then tell whoever you want to test to type ftp://"ip address from google"

If the server on your network is dynamically assigned the 192 address, its a good idea to make it always have the same ip address. You can set this up on the comptuer or the router. But get it working without the whole fuss of a static ip first then go more complicated.

ftp uses port 21. Log into router and forward port 21 to the local comptuer that is hosting the ftp.

Then go to google and get your external IP address by searching for "whats my ip address". Then tell whoever you want to test to type ftp://"ip address from google"

If the server on your network is dynamically assigned the 192 address, its a good idea to make it always have the same ip address. You can set this up on the comptuer or the router. But get it working without the whole fuss of a static ip first then go more complicated.

But I can't forward the port when the address starts with a 68.xxx.xxx.xxx

The router can only forward private address which is 192.xxx.xxx.xxx

Ok, here is the next best thing. I will remove the router and just go straight into the modem. Test it now.

ftp://192.168.1.95

User: test
Pass: test

no that won't work. 192.xxx. numbers are what you call non routable numebrs. Those are only used for internal home networks. You buy 1 ip address from your ISP. thats your external. So basically since you have more than one computer, you have to tell your router what computer has the ftp server.

So someone sends a request to you for ftp via ftp://"external ip address". now your router has the request for the ftp server. It now has to figure out which comptuer on your home network to send the request to. Thats what the port forwarding means.

So fromt he information you have given me thus far, you have to log into your router and in the port forwarding seciton. Input 192.168.1.95 for port 21.
Then use your 68.whatever number for the test.

I know this networking stuff can be hard but I'll tell you how mine is set up.

My external ip address is 24.34.193.23 . my ftp server has the ip address of 192.168.0.3. My router has to know that whenever an ftp request comes in from the internet, that it has to be "forwarded" to the right computer. So i log in and tell my router to forward port 21 to comptuer with Ip address 192.168.0.3.

Now when someone types in ftp://24.34.193.23 . my router will know that it is looking for the computer with ip address 192.168.0.3.

Sorry if I'm confusing you more.

Oh and make sure the windows firewall is off. GL. Keep trying, it will eventually click.

I think I get it now. :)

Ok, my server ip is now 192.168.0.146 and I got port 21 forward.

On Cerberus, the Interface 0 is set to that ip address. Shouldn't it be set on external one, which is 65.0.131.124?

Let me take a screenshot real quick. Thanks for helping me.

http://img256.imageshack.us/img256/308/cerberusre2.png

that looks fine. It detected your wan ip address correctly.
Interface 0 is just the first network card on yoru computer. And that has the ip address of 192.168.0.146

So now you just have to configure your router to forward port 21 to 192.168.0.146 and you're set!

Ok, done.

http://img357.imageshack.us/img357/7427/untitledoa9.png

Try it out.

ftp://65.0.131.124

Though, when I check my modem, it says that 192.168.1.95 / server is "inactive", under Connection Status.

Here is what is say from the modem:

http://img357.imageshack.us/img357/3739/inactivefq1.png

no joy :( . But getting closer. Your router seems to be setup fine, and your server seems fine. Do you have any other software firewalls on or anything? Maybe the windows firewall?

yeah your modem looks fine to. It jsut have the ip address of 192.whatever on your local network.

no joy :( . But getting closer. Your router seems to be setup fine, and your server seems fine. Do you have any other software firewalls on or anything? Maybe the windows firewall?

I turn off the windows firewall. Also I close my anti-virus program. That is it.

Try again.

Wait, it is a different ip now. Use this one ftp://70.149.244.111

Do I also need to set up NAT?

http://img517.imageshack.us/img517/5475/natrl2.png

give it a shot. COuldn't hurt.

Do I need to make it as a "host" or "dynamic" host device? And which IP address do I use?

is that on the router or the modem?

Modem.

So it looks like your modem might be blocking stuff. Is there a way to just ALLOW ALL INBOUND traffic on the modem? Whats happening now is that I believe you modem is also blocking the connection on port21. So browse around your modem and see if you can allow all traffic.

Here is the Firewall page on my modem.

Security Level

Help


Control outbound traffic initiated from within the local network.
Inbound traffic may be controlled by configuring Port Forwarding.
Internet Locked

Blocks all inbound and outbound traffic through the device.

Advanced

Only allows the following outbound protocols: HTTP, FTP, POP3, SMTP, IMAP, IMAPv3, DNS, HTTPS, IPSEC IKE, IPSEC ESP, NNTP

Basic

Allows all traffic to pass but protects against attacks utilized by the following protocols: NETBIOS, DNS, EMAP, SNMP, LDAP

None

Firewall is off (no security provided)

Custom

Custom settings
Advanced Firewall

NONE. choose no firewall setting for now. Your router can handle the firewall duty. no need for your mdoem to do it as well.

Ok, modem firewall is disable.

Also, do I need to change something on here on my router?

http://img184.imageshack.us/img184/2925/tcpsettingja2.png

Here is the run down on what those mean:

NAT Endpoint Filtering

The NAT Endpoint Filtering options control how the router's NAT manages incoming connection requests to ports that are already being used.

Endpoint Independent
Once a LAN-side application has created a connection through a specific port, the NAT will forward any incoming connection requests with the same port to the LAN-side application regardless of their origin. This is the least restrictive option, giving the best connectivity and allowing some applications (P2P applications in particular) to behave almost as if they are directly connected to the Internet.
Address Restricted
The NAT forwards incoming connection requests to a LAN-side host only when they come from the same IP address with which a connection was established. This allows the remote application to send data back through a port different from the one used when the outgoing session was created.
Port And Address Restricted
The NAT does not forward any incoming connection requests with the same port address as an already establish connection.

I'm thinking I have to change it to Endpoint Independent?

I would try port and access restiction. This should block all cincoming conencitons that you don't want, while still allowing the forwarded port to work. This keeps it safer. The other settings jsut don't seem safe at all. But if that doesn't work, give the endpointindependent a shot.

Try to see if you can connect.

ftp://70.149.244.111

ok that didn't work

You think Bellsouth is blocking port 21? Is there another port I can use?

you can use whatever port you want. Ummm, a lot of residential ISP block almost all ports.

If you try annother port you just have to tell the ftp program to look for a different port, and forward the other port in your router.

They when you tell someone to go to your ftp the address would eb ftp://"external ip address": port number .

When I go to GRC.com and run ShieldUp!, ports 0-1056 show as "stealth".

So that is telling me that Bellsouth is block that range. Now, what do you think is a good port to use? Something like 2121 or even higher?

yeah just randomly pick a port for now. Just to see if you can get it working. Hopefully there isn't a conflict with anythign else.

ftp://70.149.244.111:56212

I might as well give up if this doesn't work.

ftp://70.149.244.111:56212

I might as well give up if this doesn't work.

Can't connect...:(...saying timed out.

I hate Bellsouth. Can't get anything higher than 1.5 service and now I can't even share my files.

Is their no other way to share my files out to the internet?

hey by the way you should get your passive ports working. I have used cerberus myself and that is what I got it setup as. Somewhere in cerberus you can set your pasv port range. I set mine to 2000-2500. Then go to your router and have it forward ports 2000-2500 to your internal ip.

A quick lesson. Hopefully this clears some stuff up. Your cable company assigns you only one ip address (this is why on a cable modem you only have ONE ethernet port and not many). This is known as your external ip (ie the NON 192.xxx.xxx.xxx one). You can see that when you open up cerberus. Your router also assigns INTERNAL ips to all your computers (the 192.xxx.xxx.xxx ones).Your router then functions as a traffic cop. When traffic comes in he tells it where to go. Port forwarding says anytime a connection tries to come in on this port, it will be forwarded to this particular INTERNAL ip.

INTERNAL ips are assigned by the router and with the advent of wireless internet in particular these ips are "leased" to computers. You can set up your lease time to be anything you want i believe but what you REALLY want is to have your ftp server to have a internal ip that never changes. This is called a static ip, and you can setup your router to assign that one mac address (the xx-xx-xx-xx-xx-xx) one ip address that will never change. Then have it forward the incoming requests (from OUTSIDE your network) to that one static ip address (a 192.xxx.xxx.xxx address).

To sum up, I think you need to make sure that you forward both port 20 and 21 to that ftp internal ip address and setup your passive ports and then forward those as well (pasv have made my life much easier).

I will also be on AIM under FlyKicks9 if you want to talk there. (it would be quicker)

Yeah, I did all that: forward port 20 & 21 to internal IP, set my server a static IP, set port range for PASV for internal IP to 2000-2500...

ftp://70.149.244.111/

All in all, I think it comes down that my ISP blocks every port and there is nothing I can do. :(

Hey man that sucks. Some ISPs are wore than others. I have yet to run into a blocked port with Comcast. And I've had just about every type of server possible.

Hey man that sucks. Some ISPs are wore than others. I have yet to run into a blocked port with Comcast. And I've had just about every type of server possible.

qft. I have never had any problems with comcast either. On the other hand I had problems with Charter. You should try vnc out (a remote connection program) to see if they really do block ALL the ports.

Use canyouseeme.org. Place a computer in your routers DMZ, or directly connected to your modem, and test ports such as 1023 and 1024.

also check out www.dyndns.org its a free domain forwarding service for non static IPs. You make an accound and put a small app on your server that will update the IP stored on the domain forwarding server at dyndns to you current one every 5 min. You are given a small list of domains to choose from for free.

Point your browser at whatever your domain may be and it will connect you to your server. I use this on my webserver. www.internalvoice.hobby-site.com if its an ftp you would put ftp.nameofyouraccount.nameofdomain.com

I have an account with No-IP, but I can't connect to my domain. I get Server not found.

http://www.crafford.no-ip.biz/

I have an account with No-IP, but I can't connect to my domain. I get Server not found.

http://www.crafford.no-ip.biz/

Yeah so do I.

So how do you have this all set up?
Set the server with a static IP or reserve and IP in the router for it, then forward port 21 to it. Thats all you should need to do. (assuming the actuall server app is set up, and since you are able to access it from within the network it should be working). Also are you sure your ISP didnt block port 21, I know some ISPs block port 21, and 80 because they dont like people hosting servers.

You'd have to make sure that you have port 80 and 21 forwarded to your computer on its local network address. So you need to login to your router to do that. The best thing probably be to find your router documentation and see what it tells you to do for Port Forwarding.

I have a good feel my ISP blocks both 21 and 80. Is there an alternative port I can use?

use port 32462 worth a shot

Take a look at my router and I see if there are options I miss. I'm using Port Forwarding for opening my ports.

http://www.support.dlink.com/emulators/dir655/login.html

did you reserve your servers IP under DHCP reservation at the bottom of the network setup page?
http://www.auditmypc.com/
try their online port scan, I just did one and it reports that 80 is open wich is right for my webserver.

did you reserve your servers IP under DHCP reservation at the bottom of the network setup page?
http://www.auditmypc.com/
try their online port scan, I just did one and it reports that 80 is open wich is right for my webserver.

No, I did not. I'll do that right now.

Also, I ran that port scanner and it show me one port open.

2420 - DSL Remote Management.

Well, I just found out that port is used for my modem configuration. When I enter in my external ip with that port, it brings up my modem.

Forgot to ask, does your modem have a built in router? If so, that might be causing the issue because the port would get blocked by its firewall before it gets to your router.

Yes, but I have disabled the firewall long before this mess.

So is the modems router still running? Maybe you have to run a port forward through it as well?

Yes, but I have disabled the firewall long before this mess.I believe he was asking if your router had a firewall, just want to make sure you saw that.:beer:

So is the modems router still running? Maybe you have to run a port forward through it as well?

Didn't help either. No ports open.

Ok, I'm completely through with this. Unless there is another way to share my files, besides FTP. :(

dont Give up, I had the same problem on my first FTP server. If you cant get the ftp to work, nothing else is going to work either, you need to forward a port no matter what the protocol might be. I have a feeling it has to do with the modem, those modems with routers in em are a pain. Is there a way you can turn off the routing and use it as just a modem?

sorry to hear you are having so much trouble sagitta. You might want to try a different ftp program. It REALLY shouldnt make a difference but we are kind of getting down to something in your comp is really really weird, your modem's routing function is getting in the way, or your isp is a jerk.

I almost forgot that I have a spare dsl modem. It is a 2Wire, no router in it.

I'll try hooking that up without the Dlink router and see what happens. :)

Great news! Ran the port scan on Hackerwatch.org and the following ports were closed, but not blocked.

Secure - 139
Closed - 21, 23, 25, 79, 80, 110, 143, and 443

Now we know there is something wrong with the Westell modem. :)

I'm running Serv-U as my FTP server, but I always get a 530 error.

ftp://ftp.crafford.com

user: test
pass: test

Well the good news is i can see your server, but cant connect (unless you changes the user and pass from test). So far so good, the rest of the issues will probably be config issues with the program.

Im currently running cerberus FTP in case your wondering, I ran serv u before, but dont you need to buy a license for it?

Well the good news is i can see your server, but cant connect (unless you changes the user and pass from test). So far so good, the rest of the issues will probably be config issues with the program.

Im currently running cerberus FTP in case your wondering, I ran serv u before, but dont you need to buy a license for it?

Serv-U has a 30-day trial.

So, what do you think is causing the 530 error?

I dunno, I didnt ger a 503 error, but I wasnt able to log on with test:test
I got the login prompt window but the user/pass you supplied didnt work.

Well, if using the most basic FTP server there is to make this work, then so be it. I'm running Baby FTP right now. Go for it:

ftp://127.0.0.1

yeah thats the network loop back address. Wrong IP.

That is what Baby FTP set it up as. There is no way to change it in the settings.