Customers With Disabilities
  • RESIDENTIAL
  • BUSINESS

    Verizon Business Sites

  • WIRELESS
Reply
Contributor
red5ft9
Posts: 1
Registered: ‎12-11-2008
0 Kudos

Allowing FTP

Hello there,

 

I'm trying to set up my FIOS router to accept both incoming and outgoing FTP. So I have done the Port Forwarding (to port 20/21) and I can now connect to my FTP server from outisde my network. However, I can't pull down a list of folders. It's like the outgoing part is being blocked.

 

When I check the router's security log it says the following:

 

 

Outbound Traffic - Blocked NAT out failed - First packet in connection is not a SYN packet: TCP 192.168.1.1:80->192.168.1.2:54106 on br0

 

Does anyone know how to fix this?

 

Thanks,

 

Helen

 

 

Nickel Contributor
G-Pon
Posts: 95
Registered: ‎12-07-2008

Re: Allowing FTP

Port 80 is explicitly blocked on recreational home residential accounts by most providers who offer any kind of robust bandwidth at all. Verizon is not alone in this. Port Forwarding is helpful to some applications, Verizon does not prohibit this, www.portforwarding.com is my favorite resource for this, good advice & good forums there too.

You may ultimately need a commercial account. FTP and TCP/IP are different protocols and I am less familiar with FTP, but there may be parts of the FTP send or acknowledge (of data packets) that utilize only port 80 no matter what port you intend most of the data to travel over. Maybe someone more familiar with the FTP protocol will post for us. But I am not optimistic that it can be done given that the error is at the stage of synchronizing the transmission of the data set.

Splansing on Fix-Ya had a good idea, he found no-ip.com, which, for $25/year, will "host" a simple redirect for anyone!

If you would like aid in negotiating the Verizon options of obtaining a static IP address and/or commercial status to open everything up send a message privately on this forum and I can help with that (you will not need a commercial address or a yellow pages ad etc.).

 

Contributor
linus
Posts: 7
Registered: ‎03-07-2009
Device: FiOS
Location: Alexandria, VA
0 Kudos

Re: Allowing FTP


G-Pon wrote:
...but there may be parts of the FTP send or acknowledge (of data packets) that utilize only port 80 no matter what port you intend most of the data to travel over.

 


FTP-expert here.  :-)

 

FTP does not utilize port 80.  It uses ports 20 and 21.  But you can always set up port-forwarding without changing your server.  Have your verizon router redirect ports 2220 and 2221 to your machine on ports 20 and 21.  If you need directions on how to do this, let me know and I'll see what I can do for you.

Employee
CharlesH
Posts: 895
Registered: ‎12-01-2008
Location: New Jersey
0 Kudos

Re: Allowing FTP

Yeh, 21 for sending data, port 20 for control. That's all you should need to do.  Check your computer's firewall aswell!
Contributor
linus
Posts: 7
Registered: ‎03-07-2009
Device: FiOS
Location: Alexandria, VA
0 Kudos

Re: Allowing FTP

Actually, I think it's the other way around.

 

Port 20 is for data and Port 21 is for control.  But it's details that the OP doesn't need to be conserned with.  ;-)

Employee
CharlesH
Posts: 895
Registered: ‎12-01-2008
Location: New Jersey
0 Kudos

Re: Allowing FTP

I tried! lol
Platinum Contributor I
prisaz
Posts: 6,811
Registered: ‎08-23-2008
0 Kudos

Re: Allowing FTP

[ Edited ]

I found that dyndns.org will do redirects and dns for free. I had it for a while and used it for remote desktop. I also had NO-IP and used it for my own .com domain. But decided free was ok since it was for personal use, and my host with their domain name was fine for my use.

 

http://www.dyndns.com/services/dns/dyndns/

 

 

The message quoted below does not apper to be related to FTP and I see it quite often on outbound web site queries. Issues with the TCP/IP stack and not knowing when the window starts and stops. Dynamic scaling or something. Gets rather complex. Usually the connection just resends the packet. Not very efficient.

 

Outbound Traffic - Blocked NAT out failed - First packet in connection is not a SYN packet: TCP 192.168.1.1:80->192.168.1.2:54106 on br0

Message Edited by prisaz on 03-21-2009 01:38 PM
Platinum Contributor I
prisaz
Posts: 6,811
Registered: ‎08-23-2008
0 Kudos

Re: Allowing FTP


prisaz wrote:

I found that dyndns.org will do redirects and dns for free. I had it for a while and used it for remote desktop. I also had NO-IP and used it for my own .com domain. But decided free was ok since it was for personal use, and my host with their domain name was fine for my use.

 

http://www.dyndns.com/services/dns/dyndns/

 

 

The message quoted below does not apper to be related to FTP and I see it quite often on outbound web site queries. Issues with the TCP/IP stack and not knowing when the window starts and stops. Dynamic scaling or something. Gets rather complex. Usually the connection just resends the packet. Not very efficient.

 

Outbound Traffic - Blocked NAT out failed - First packet in connection is not a SYN packet: TCP 192.168.1.1:80->192.168.1.2:54106 on br0

Message Edited by prisaz on 03-21-2009 01:38 PM

G-PON is correct about NO-IP doing redirects. I just set up my free dyndns account and redirects are not supported with the free service. But I also setup a FTP server and port 21 was not blocked. The port fowarding works if the server and router with port forwarding are configured properly.

Silver Contributor IV
TimSykes
Posts: 1,059
Registered: ‎10-21-2008
Device: Google G1
Plan: 20/5
Location: New York
0 Kudos

Re: Allowing FTP

I have had FTP running under my fios service without any issues. The only posts that are blocked that I know of is for SMTP 25, and HTTP 80, 8080
 

Account & Services

  • Pay Bill
  • Add/Change Services
  • Manage My Rewards+
  • Renew Your Contract
  • Manage Services
  • Visual 411

Email, News & TV

  • Check Email
  • Announcements

Support Tools