FTP working locally but not remote

Moderator: Lillian.W@AST

Post Reply
Sean Pocock
Posts: 3
youtube meble na wymiar Warszawa
Joined: Fri Feb 25, 2022 1:30 am

FTP working locally but not remote

Post by Sean Pocock »

Hi everyone.

This is on an AS3304T

My issue is pretty much as the title really. FTP has been working for ages without any issues. But for the last few weeks it's playing up. If I an connected to my local network (iPhone on WIFI) I can access FTP via the local IP address and the WAN IP address. However, if I connect to the 4G/5G network I can not access FTP.

I have rebooted everything, double checked my port forward on the router (Virgin Media Hub 4.0). Tried two different iPhone Apps. I've cleared the blacklist in ADM Defender (The last auto blacklist entry was on 1st May. I normally have one new entry every couple of days!!)

I have created a support ticket but thought I would try here as well. Can't add pictures as the board quota ras been reached!!

Can anyone help?

Sean
User avatar
Nazar78
Posts: 2002
Joined: Wed Jul 17, 2019 10:21 pm
Location: Singapore
Contact:

Re: FTP working locally but not remote

Post by Nazar78 »

As an advise, FTP is totally insecure to be used over the WAN. If you were to access your NAS from a public access point which has been compromised, or even your house Wi-Fi with a rogue device connected, the clear text username/password can be clearly seen from a MITM (man-in-the-middle) attacks like ARP poisoning. Another is net bots trying to gain access to your FTP using dictionary attacks, ADM Defender might get unlucky at certain point. The least is use VPN to access your local network.

Back to the topic. The NAS is not the issue here since you can access it locally.

1. Try using static IP instead of DHCP? Assign a static IP to the NAS and use this IP for the port forwarding.

2. On the same network, test your FTP port external access using https://canyouseeme.org/. It would also possibly your mobile network is blocking the FTP port access, try testing a plain HTTP port 80 if that works.
AS5304T - 16GB DDR4 - ADM-OS modded on 2GB RAM
Internal:
- 4x10TB Toshiba RAID10 Ext4-Journal=Off
External 5 Bay USB3:
- 4x2TB Seagate modded RAID0 Btrfs-Compression
- 480GB Intel SSD for modded dm-cache (initramfs auto update patch) and Apps

When posting, consider checking the box "Notify me when a reply is posted" to get faster response
Sean Pocock
Posts: 3
Joined: Fri Feb 25, 2022 1:30 am

Re: FTP working locally but not remote

Post by Sean Pocock »

Hi Nazar,

I have just set up the SFTP to try that. Again it works via the WAN IP if connected to the local network. But not if connected to 4G/5G

I have a static IP assigned to the NAS and the port forwards for FTP and SFTP are set correctly.

I have checked the ports 21 and 2222 with canyouseeme.org and they can both be seen OK.

How would I go about testing port 80? Would I need to configure the web server in Web Center?

I am going to try putting the Virgin Media Router in Modem mode in a couple of days and add a separate router, just to rule out the Virgin Hub 4.0

Thanks for your reply.

Sean :)
User avatar
Nazar78
Posts: 2002
Joined: Wed Jul 17, 2019 10:21 pm
Location: Singapore
Contact:

Re: FTP working locally but not remote

Post by Nazar78 »

Sean Pocock wrote:I have checked the ports 21 and 2222 with canyouseeme.org and they can both be seen OK.
There's the proof your 4G/5G mobile network provider is blocking connecting to the ftp port. Nothing wrong with the NAS or router setup because canyouseeme.org can connect to your ports 21/2222. Think your mobile provider will only allow to connect to standard HTTP ports 80/443, you'll need to check with them. I've encountered this sometimes when travelling. So instead of using FTPS/SFTP, I use WebDAV HTTPS via reverse proxy using the port 443.
Sean Pocock wrote:How would I go about testing port 80? Would I need to configure the web server in Web Center?
Yes, setup a simple website then forward the port 80 from your router to the NAS.
AS5304T - 16GB DDR4 - ADM-OS modded on 2GB RAM
Internal:
- 4x10TB Toshiba RAID10 Ext4-Journal=Off
External 5 Bay USB3:
- 4x2TB Seagate modded RAID0 Btrfs-Compression
- 480GB Intel SSD for modded dm-cache (initramfs auto update patch) and Apps

When posting, consider checking the box "Notify me when a reply is posted" to get faster response
User avatar
father.mande
Posts: 1810
Joined: Sat Sep 12, 2015 2:55 am
Location: La Rochelle (France)

Re: FTP working locally but not remote

Post by father.mande »

Hi,

For my own usage (travel, multiples sites, different provider, I use a tailscale network (apkg tailscale-native)
A tailnet is like a private IP LAN, so your device (Windows, Android, Linux (I never tests IOS and Mac) are view as a local LAN, so I can use FTP, SMB (share), etc. EVEN without encryption or HTTPS because tailnet is completely encrypted by wireguard from end to end.

Tailscale can have a private DNS support, tailnet use NAT traversal or relay (without decryption), so no need to open port, nor for the server no more for the client ... and know ports are not used, so I can pass though all my provider. each connection is direct.
I use also it as a site to site connection (with access for non tailscale node to the others nodes (routing).

It's easy to manage (administration) and other lot of other possibilities (sh, service provider, etc.
and you are alone to manage your node, client, server, keys expiration (or not) etc. etc.

Philippe.
AS6602T / AS5202T /AS5002T / AS1002T / FS6706T
Post Reply

Return to “[Official] For AS31XX/ AS32XX Series”