Error FTP

[Solved] The data connection could not be established: ECONNREFUSED – Connection refused by server

Error FTPWhen I try to setup FTP server behind firewall I had a problem with the following log:

Command: PASV
Response: 227 Entering Passive Mode (10,0,0,2,24,245).
Status: Server sent passive reply with unroutable address. Using server address instead.
Command: LIST
Error: The data connection could not be established: ECONNREFUSED – Connection refused by server
Error: Connection timed out
Error: Failed to retrieve directory listing

Based on error message and ftp client log I found that the problem is client can’t find server address while entering into passive mode. Please see below to solved this problem:

1. Add the following NAT rules to ensure tcp request to IP Public will forwarded to internal IP or DMZ IP’s

iptables -A PREROUTING -d 202.xx.xx.xx/32 -p tcp -m tcp –dport 21 -j DNAT –to-destination 192.168.1.10:21
iptables -A PREROUTING -d 202.xx.xx.xx/32 -p tcp -m tcp –dport 6000:7000 -j DNAT –to-destination 192.168.1.10

2. Make sure the VSFTPD support passive mode:

port_promiscuous=YES
pasv_addr_resolve=NO
pasv_address=192.168.1.10
pasv_min_port=6000
pasv_max_port=7000

3. Save vsftpd.conf and restart the service:

# service vsftpd restart

Hope this help :)

2 thoughts on “[Solved] The data connection could not be established: ECONNREFUSED – Connection refused by server

Leave a Reply

Your email address will not be published. Required fields are marked *


*