阿里云搭建 ftp 服务器 200 PORT command successful. Consider using PASV. 425 Failed to establish connection

跟風遠走 提交于 2020-01-25 14:00:07

阿里云centos FTP 服务器 配置FTP为被动模式 报错
200 PORT command successful. Consider using PASV. 425 Failed to establish connection

翻译如下:
答案:
您正在以活动模式使用FTP。

由于防火墙和NAT,如今在活动模式下设置FTP可能很麻烦。

服务器可能无法连接回客户端以建立数据传输连接,这可能是由于您的本地防火墙或NAT所致。

或者您的客户端不知道其外部IP地址,而是向服务器提供了一个内部地址(在
PORT
命令中),而服务器显然无法使用该内部地址。但事实并非如此,因为vsftpd默认拒绝与FTP控制连接的源地址(
port_promiscuous
指令)不同的数据传输地址。

请参阅我的文章“活动模式的网络配置”。

如果可能,您应该使用被动模式,因为它通常不需要在客户端进行其他设置。这也是服务器通过“考虑使用PASV”向您建议的内容。这
PASV
是用于进入被动模式的FTP命令。

不幸的是,Windows FTP命令行客户端(
ftp.exe
)根本不支持被动模式。如今,它变得毫无用处。

请改用任何其他第三方Windows FTP命令行客户端。其他大多数支持被动模式。

例如,WinSCP FTP客户端默认为被动模式,并且提供了将Windows FTP脚本转换为WinSCP脚本的指南。

(我是WinSCP的作者)

答案:
实际上,您的窗口防火墙阻止了连接,因此您需要从管理员将这些命令输入cmd.exe。

1)netsh advfirewall防火墙添加规则名称=“ FTP” dir =正在执行=允许程序=%SystemRoot%\ System32 \ ftp.exe enable =是协议= tcp

2)netsh advfirewall防火墙添加规则名称=“ FTP” dir =正在执行=允许程序=%SystemRoot%\ System32 \ ftp.exe enable =是协议= udp

如果万一出了问题,您可以通过以下方式恢复:

1)netsh advfirewall防火墙删除规则名称=“ FTP”程序=%SystemRoot%\ System32 \ ftp.exe

Questions:
I have setup FTP server in Ubuntu 12.04 LTS.

Now when when I try to connect to FTP server from Windows 7 through command-line
ftp.exe
, I get successfully connected but I cannot get the list of directory. I get error

200 PORT command successful. Consider using PASV.
425 Failed to establish connection.
Answers:
Try using the
passive
command before using
ls
.

From FTP client, to check if the FTP server supports passive mode, after login, type
quote PASV
.

Following are connection examples to a vsftpd server with passive mode on and off

vsftpd
with
pasv_enable=NO
:

ftp localhost

Connected to localhost.localdomain.
220 (vsFTPd 2.3.5)
Name (localhost:john): anonymous
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> quote PASV
550 Permission denied.
ftp>
vsftpd
with
pasv_enable=YES
:

ftp localhost

Connected to localhost.localdomain.
220 (vsFTPd 2.3.5)
Name (localhost:john): anonymous
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> quote PASV
227 Entering Passive Mode (127,0,0,1,173,104).
ftp>
Answers:
You are using the FTP in an active mode.

Setting up the FTP in the active mode can be cumbersome nowadays due to firewalls and NATs.

It’s likely because of your local firewall or NAT that the server was not able to connect back to your client to establish data transfer connection.

Or your client is not aware of its external IP address and provides an internal address instead to the server (in
PORT
command), which the server is obviously not able to use. But it should not be the case, as vsftpd by default rejects data transfer address not identical to source address of FTP control connection (the
port_promiscuous
directive).

See my article Network Configuration for Active Mode.

If possible, you should use a passive mode as it typically requires no additional setup on a client-side. That’s also what the server suggested you by “Consider using PASV”. The
PASV
is an FTP command used to enter the passive mode.

Unfortunately Windows FTP command-line client (the
ftp.exe
) does not support passive mode at all. It makes it pretty useless nowadays.

Use any other 3rd party Windows FTP command-line client instead. Most other support the passive mode.

For example WinSCP FTP client defaults to the passive mode and there’s a guide available for converting Windows FTP script to WinSCP script.

(I’m the author of WinSCP)

Answers:
Actually your window firewall blocking the connection so you need to Enter these commands into cmd.exe from Administrator.

  1. netsh advfirewall firewall add rule name=”FTP” dir=in action=allow program=%SystemRoot%\System32\ftp.exe enable=yes protocol=tcp

  2. netsh advfirewall firewall add rule name=”FTP” dir=in action=allow program=%SystemRoot%\System32\ftp.exe enable=yes protocol=udp

if in case something goes wrong then you can revert by this:

  1. netsh advfirewall firewall delete rule name=”FTP” program=%SystemRoot%\System32\ftp.exe
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!