Opened 16 years ago

Last modified 16 years ago

#3114 closed Bug report

FTPES behind NAT uses internal address

Reported by: rotorman Owned by:
Priority: normal Component: Other
Keywords: Cc: rotorman, Tim Kosse
Component version: Operating system type:
Operating system version:


I have posted this post before, now posting it with debug logs as required.

Using FileZilla 3.0.0-beta5, connecting to Synology DS-106 (, with FTP-SSL support. DSL router has port forwarding on external 21->internal 21 and passiv port range 55536-56559 to internal configured.

All runs fine in LAN (FTP and FTPES connections).

When connecting with FTPES from WAN to a "misconfigured" FTP server behind a NAT that reports its internal address, the connection uses PASV(internal IP,PORT) even if under Settings -> Connection -> Passive mode the radio box is on "Use the server's external IP address instead".

Connection works with plain FTP over WAN (in this case FileZilla uses correctly the external address - the address of NAT box), all goes unfortunately plain-text over the network this wan :(

Attached are 3 logs in ASCII (zipped as one file).
Log1 - LAN FTPES, success
Log2 - WAN FTPES, failure by LIST
Log3 - WAN FTP, success

Attachments (1) (2.9 KB ) - added by rotorman 16 years ago.
Debug Logs (3), FTPES LAN, FTPES WAN (failure), FTP WAN

Download all attachments as: .zip

Change History (2)

by rotorman, 16 years ago

Attachment: added

Debug Logs (3), FTPES LAN, FTPES WAN (failure), FTP WAN

comment:1 by Tim Kosse, 16 years ago

Command: PASV
Response: 227 Entering Passive Mode (192,168,77,8,220,58)
Trace: Server sent passive reply with unroutable address. Using server address instead.
Command: LIST
Error: Connection timed out

Misconfigured server. According to the logs, FileZilla properly falls back to the external IP address. Try using active mode or contact the server administrator.

Note: See TracTickets for help on using tickets.