Allowing FTP
red5ft9
Newbie

Hello there,

I'm trying to set up my FIOS router to accept both incoming and outgoing FTP. So I have done the Port Forwarding (to port 20/21) and I can now connect to my FTP server from outisde my network. However, I can't pull down a list of folders. It's like the outgoing part is being blocked.

When I check the router's security log it says the following:

Outbound Traffic - Blocked NAT out failed - First packet in connection is not a SYN packet: TCP 192.168.1.1:80->192.168.1.2:54106 on br0

Does anyone know how to fix this?

Thanks,

Helen

Tags (1)
0 Likes
Re: Allowing FTP
G-Pon
Contributor - Level 1

Port 80 is explicitly blocked on recreational home residential accounts by most providers who offer any kind of robust bandwidth at all. Verizon is not alone in this. Port Forwarding is helpful to some applications, Verizon does not prohibit this, www.portforwarding.com is my favorite resource for this, good advice & good forums there too.

You may ultimately need a commercial account. FTP and TCP/IP are different protocols and I am less familiar with FTP, but there may be parts of the FTP send or acknowledge (of data packets) that utilize only port 80 no matter what port you intend most of the data to travel over. Maybe someone more familiar with the FTP protocol will post for us. But I am not optimistic that it can be done given that the error is at the stage of synchronizing the transmission of the data set.

Splansing on Fix-Ya had a good idea, he found no-ip.com, which, for $25/year, will "host" a simple redirect for anyone!

If you would like aid in negotiating the Verizon options of obtaining a static IP address and/or commercial status to open everything up send a message privately on this forum and I can help with that (you will not need a commercial address or a yellow pages ad etc.).

Re: Allowing FTP
linus
Newbie

@G-Pon wrote:
...but there may be parts of the FTP send or acknowledge (of data packets) that utilize only port 80 no matter what port you intend most of the data to travel over.

FTP-expert here.  🙂

FTP does not utilize port 80.  It uses ports 20 and 21.  But you can always set up port-forwarding without changing your server.  Have your verizon router redirect ports 2220 and 2221 to your machine on ports 20 and 21.  If you need directions on how to do this, let me know and I'll see what I can do for you.

0 Likes
Re: Allowing FTP
CharlesH
Specialist - Level 1
Yeh, 21 for sending data, port 20 for control. That's all you should need to do.  Check your computer's firewall aswell!
0 Likes
Re: Allowing FTP
linus
Newbie

Actually, I think it's the other way around.

Port 20 is for data and Port 21 is for control.  But it's details that the OP doesn't need to be conserned with.  😉

0 Likes
Re: Allowing FTP
CharlesH
Specialist - Level 1
I tried! lol
0 Likes
Re: Allowing FTP
prisaz
Legend

I found that dyndns.org will do redirects and dns for free. I had it for a while and used it for remote desktop. I also had NO-IP and used it for my own .com domain. But decided free was ok since it was for personal use, and my host with their domain name was fine for my use.

http://www.dyndns.com/services/dns/dyndns/

The message quoted below does not apper to be related to FTP and I see it quite often on outbound web site queries. Issues with the TCP/IP stack and not knowing when the window starts and stops. Dynamic scaling or something. Gets rather complex. Usually the connection just resends the packet. Not very efficient.

Outbound Traffic - Blocked NAT out failed - First packet in connection is not a SYN packet: TCP 192.168.1.1:80->192.168.1.2:54106 on br0

Message Edited by prisaz on 03-21-2009 01:38 PM
0 Likes
Re: Allowing FTP
prisaz
Legend

@prisaz wrote:

I found that dyndns.org will do redirects and dns for free. I had it for a while and used it for remote desktop. I also had NO-IP and used it for my own .com domain. But decided free was ok since it was for personal use, and my host with their domain name was fine for my use.

http://www.dyndns.com/services/dns/dyndns/

The message quoted below does not apper to be related to FTP and I see it quite often on outbound web site queries. Issues with the TCP/IP stack and not knowing when the window starts and stops. Dynamic scaling or something. Gets rather complex. Usually the connection just resends the packet. Not very efficient.

Outbound Traffic - Blocked NAT out failed - First packet in connection is not a SYN packet: TCP 192.168.1.1:80->192.168.1.2:54106 on br0

Message Edited by prisaz on 03-21-2009 01:38 PM

G-PON is correct about NO-IP doing redirects. I just set up my free dyndns account and redirects are not supported with the free service. But I also setup a FTP server and port 21 was not blocked. The port fowarding works if the server and router with port forwarding are configured properly.

0 Likes
Re: Allowing FTP
TimSykes
Specialist - Level 2
I have had FTP running under my fios service without any issues. The only posts that are blocked that I know of is for SMTP 25, and HTTP 80, 8080
0 Likes