Results 1 to 10 of 10

Thread: HowTo: ProFTPD Behind NAT

Hybrid View

  1. #1
    Join Date
    Apr 2005
    Beans
    116
    Distro
    Ubuntu 8.04 Hardy Heron

    HowTo: ProFTPD Behind NAT

    This HowTo should be pretty short and sweet. I searched all over trying to figure out how to get PASV FTP to work behind a NAT router like a Linksys or any similar home networking router. It really isn't that hard just a couple of commands to the configuration file and some port forwarding on the router.

    Well let's get started first you need to have ProFTPD installed so in a terminal on the server type the following commands.

    Code:
    sudo apt-get install proftpd
    That will install the two packages you need to run ProFTP. Now we need to edit the configuration file so that the FTP server will work behind NAT. So still in the terminal on the server enter the following command.

    Code:
    sudo nano /etc/proftpd.conf
    That will bring up the configuration file, at the end of the file add the following lines.

    Code:
    PassivePorts 60000 60100
    
    MasqueradeAddress YourSiteName.com
    MasqueradeAddress xxx.xxx.xxx.xxx
    The PassivePorts command we entered there allows 100 concurrent connection which should be enough for most home users. Those are the ports we are going to have to forward to the FTP server on the router. Replace the xxx.xxx.xxx.xxx with the routers public IP address you can usually find this on the routers status page or you can simply go to http://www.ipchicken.com/ which will tell you your public IP address.

    Still in the terminal on the server we have to restart ProFTPD so that the configuration changes will take effect. Enter the following on the command line.

    Code:
    sudo /etc/rc.d/init.d/proftpd restart
    Now we have to forward the PassivePorts on the router. Login to your router click on the advanced tab then the forwarding tab. Enter in the port range we specified in the configuration file then check the TCP box UDP does not need to be enabled then enter the IP address of the FTP server and click enable. Click the "Apply button and your done on the router. Note if you are using a different brand router the process should be similar this is the setup on a Linksys router.

    That should do it your FTP server should work behind your NAT router. There is one drawback to this if you have a dynamic IP address from your ISP you will need to update the address in your configuration file whenever it changes.
    "Beer is proof that God loves us and wants us to prosper." - Ben Franklin
    "Never argue with an idiot; they'll drag you down to their level and beat you with experience."

  2. #2
    Join Date
    Jun 2005
    Location
    USA
    Beans
    103
    Distro
    Dapper Drake Testing/

    Re: HowTo: ProFTPD Behind NAT

    Thanks, works for me. Almost all the people I host access through passive FTP, so this is invaluable in my move from a Windows host to Ubuntu.
    Want an invite to Gmail? Email or PM me!

  3. #3
    Join Date
    Apr 2006
    Location
    Houston Texas
    Beans
    16
    Distro
    Ubuntu 6.06 Dapper

    Re: HowTo: ProFTPD Behind NAT

    thanks for the code, this solved my proftp nat issue!

  4. #4
    Join Date
    Nov 2006
    Beans
    20
    Distro
    Kubuntu 6.10 Edgy

    Question Re: HowTo: ProFTPD Behind NAT

    Hi!

    I've setup my ftp server and everything works ok... but only in mi local LAN.
    I've dynamic IP address, and I've got a dyndns domain with ddclient.
    My ftp port and passive ports are open in my router configuration, and I added
    Code:
    MasqueradeAddress mydomain.serveftp.org
    PassivePorts 60000 60100
    to the proftpd.conf file.
    When I start proftp I get
    Code:
    balder@PortatilBalder:~$ sudo /etc/init.d/proftpd restart
    Password:
     * Stopping ftp server proftpd                                                                                                          [ ok ]
     * Starting ftp server proftpd
    - IPv6 getaddrinfo 'PortatilBalder' error: Name or service not known
    PortatilBalder - 127.0.1.1:2000 masquerading as 192.168.1.2 [ ok ]
    Is that an error or it's ok?
    My ftp site can't be accessed from outside my NAT right now and I really need it to work as soon as possible.
    Thanks
    Attached Files Attached Files

  5. #5
    Join Date
    Jun 2006
    Beans
    5

    Talking Re: HowTo: ProFTPD Behind NAT

    It reads:
    less /usr/share/doc/proftpd/README.Debian

    - add your servername in line:
    sudo vi /etc/hosts

    127.0.0.1 localhost
    127.0.1.1 my-server

    # The following lines are desirable for IPv6 capable hosts
    ::1 ip6-localhost ip6-loopback my-server
    fe00::0 ip6-localnet
    ff00::0 ip6-mcastprefix
    ff02::1 ip6-allnodes
    ff02::2 ip6-allrouters
    ff02::3 ip6-allhosts

  6. #6
    Join Date
    Oct 2006
    Beans
    37
    Distro
    Xubuntu 6.10 Edgy

    Re: HowTo: ProFTPD Behind NAT

    Please update for Edgy?

    Apparently "sudo /etc/rc.d/init.d/proftpd restart" doesn't work, as there are only /etc/rc#, not /etc/rc.d entries. Could you also put in the updates for using inetd/xinetd, or at least a reference to what does/doesn't need to be done?

    thanks!

  7. #7
    Join Date
    Nov 2006
    Beans
    Hidden!

    Question Re: HowTo: ProFTPD Behind NAT

    I followed your instructions and set up my masqueradeaddress to be my domain name (dyndns).
    I am using a weird port (4221) for login, and ports 4290 through 4299 for ftp pasv.

    When I start the server, it tells me
    Code:
    ubuntu-server - 127.0.1.1:4221 masquerading as my.external.ip
    Which should be ok.
    When I try to log in to my server, however, at ftp://ftp.my.dyndns.domain:4221 the client times out after trying to connect for a good minute.

    My config is attached.

    It's not dyndns' fault. I use apache and azureus' webUI with no problems. SSH works as well.
    I am using Hardy Heron


    Thanks in advance!
    Attached Files Attached Files
    Last edited by neutrino15; May 23rd, 2008 at 08:52 PM.

  8. #8
    Join Date
    Oct 2009
    Beans
    4

    Re: HowTo: ProFTPD Behind NAT

    Hi,

    I have followed the instructions to setup ProFTPD to work behind a NAT and have so far only managed to connect from local machines. I am currently using a local file server with Ubuntu Server installed so I can access all my music locally but I also need to be able to FTP to the server when I am away from the home network.

    Now currently, I have PassivePorts directive set to 60000 60100 and the Port directive to 1980. I have my Masquerade address set to xxxxxxxxxx.homeftp.net and am using a Netgear WRN2000 Router for my home network. I have a static IP assigned to the server although all other devices have their IP addresses assigned Dynamically by the router. When I try to connect using the DynDNS hostname in CrossFTP or from a Finder folder on my Mac I get no joy but if I connect using FTP with the 192.xxx.xxx.xxx private address it seems to be fine.

    Any clues anyone, I have been reading the net all day.

    Thanks in advance.

    Liam

  9. #9
    Join Date
    Oct 2009
    Beans
    4

    Re: HowTo: ProFTPD Behind NAT

    Quote Originally Posted by djliamtate View Post
    Hi,

    I have followed the instructions to setup ProFTPD to work behind a NAT and have so far only managed to connect from local machines. I am currently using a local file server with Ubuntu Server installed so I can access all my music locally but I also need to be able to FTP to the server when I am away from the home network.

    Now currently, I have PassivePorts directive set to 60000 60100 and the Port directive to 1980. I have my Masquerade address set to xxxxxxxxxx.homeftp.net and am using a Netgear WRN2000 Router for my home network. I have a static IP assigned to the server although all other devices have their IP addresses assigned Dynamically by the router. When I try to connect using the DynDNS hostname in CrossFTP or from a Finder folder on my Mac I get no joy but if I connect using FTP with the 192.xxx.xxx.xxx private address it seems to be fine.

    Any clues anyone, I have been reading the net all day.

    Thanks in advance.

    Liam
    I changed all the directories but because I "cut and paste" I forgot to change something. How annoying is it when you don't read something properly and it takes you hours to figure it out huh?

  10. #10
    Join Date
    Sep 2009
    Beans
    18

    Re: HowTo: ProFTPD Behind NAT

    I'm also trying to make a ftp server

    My modem is Zyxel P-661HW-D1
    i used proftpd and try to set up the conf file.
    i've added
    PassivePorts 60000 60100

    MasqueradeAddress 85.103.159.187
    but that doesn't work.

    local ip of the computer is 192.168.1.33 and the ip of the router is 85.103.159.187
    i don't have a dns server so i didn't add the dns part of the masquerade is it wrong?

    Can you help me about that?
    i've attached the conf file.
    Attached Files Attached Files

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •