NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
FTPS access over WAN?
Setting up a FTP connection over WAN to a ReadyNAS device can be very tricky. After some time I found a solution and posted it here. But I have noticed that it's possible to login over FTPS locally, ...
First comparing the logs proftpd.log and tls.log for differences when logging in an out with FTPS over LAN resp WAN.
FTPS over LAN - proftpd.log
FTPS over LAN - tls.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Ok let's move on to connecting over WAN.
FTPS over WAN - proftpd.log
FTPS over WAN - tls.log
FTPS over LAN - proftpd.log
# tail -f /var/log/proftpd.log
Jan 28 15:33:01 duo proftpd[29900] 10.0.1.160 (10.0.1.15[10.0.1.15]): FTP session opened.
Jan 28 14:33:05 duo proftpd[29900] 10.0.1.160 (10.0.1.15[10.0.1.15]): Preparing to chroot to directory '/home/ftp'
Jan 28 14:33:05 duo proftpd[29900] 10.0.1.160 (10.0.1.15[10.0.1.15]): USER bob: Login successful.
Jan 28 14:33:14 duo proftpd[29900] 10.0.1.160 (10.0.1.15[10.0.1.15]): FTP session closed.
FTPS over LAN - tls.log
# tail -f /var/ftpd/tls.logEverything works fine. But notice the differnces in time, the hour should be 14 for all events.
Jan 28 15:33:01 mod_tls/2.4.2[29900]: using default OpenSSL verification locations (see $SSL_CERT_DIR environment variable)
Jan 28 15:33:01 mod_tls/2.4.2[29900]: TLS/TLS-C requested, starting TLS handshake
Jan 28 15:33:02 mod_tls/2.4.2[29900]: TLSv1/SSLv3 connection accepted, using cipher AES128-SHA (128 bits)
Jan 28 15:33:04 mod_tls/2.4.2[29900]: Protection set to Private
Jan 28 14:33:06 mod_tls/2.4.2[29900]: starting TLS negotiation on data connection
Jan 28 14:33:06 mod_tls/2.4.2[29900]: TLSv1/SSLv3 renegotiation accepted, using cipher AES128-SHA (128 bits)
Jan 28 14:33:06 mod_tls/2.4.2[29900]: TLSv1/SSLv3 data connection accepted, using cipher AES128-SHA (128 bits)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Ok let's move on to connecting over WAN.
FTPS over WAN - proftpd.log
# tail -f /var/log/proftpd.logResult: The connection could not be established.
Jan 28 15:45:19 duo proftpd[29939] 10.0.1.160 (119.78.39.30[119.78.39.30]): FTP session opened.
Jan 28 15:45:20 duo proftpd[29939] 10.0.1.160 (119.78.39.30[119.78.39.30]): FTP session closed.
FTPS over WAN - tls.log
# tail -f /var/ftpd/tls.logResult: The connection could not be established.
Jan 28 15:45:19 mod_tls/2.4.2[29939]: using default OpenSSL verification locations (see $SSL_CERT_DIR environment variable)
Jan 28 15:45:20 mod_tls/2.4.2[29939]: TLS/TLS-C requested, starting TLS handshake
Jan 28 15:45:20 mod_tls/2.4.2[29939]: unable to accept TLS connection: received EOF that violates protocol
Jan 28 15:45:20 mod_tls/2.4.2[29939]: TLS/TLS-C negotiation failed on control channel
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
