I'm setting up a secure FTP server on an Ubuntu 16.04 machine on Azure. It's FTP over TLS, with anonymous access disabled.
Trying to use the server using Filezilla works fine – authentication, transfer, directory listing – everything… except I get the following warning from Filezilla:
Server sent passive reply with unroutable address. Using server
address instead.
Sure, that makes sense – the VM has a private IP address, and in passive mode, it sends that private IP address to the client. The solution – add the following to vsftp.conf (this is an example, not the actual configuration):
pasv_enable=YES
port_enable=YES
#The VM allows connections to ports 12345 & 12346 - remember, this is an example
pasv_min_port=12345
pasv_max_port=12346
#The VM's domain name
pasv_address=myftpservervm.cloudapp.net
#Make vsftp resolve myftpservervm.cloudapp.net and send that IP address to clients
pasv_addr_resolve=YES
Then I restart vsftp, and… nothing happens. I still get these:
Server sent passive reply with unroutable address. Using server
address instead.
I even tried setting pasv_address to the exact (external) IP address of the server (with and without pasv_addr_resolve=YES) and the result is the same.
Am I missing something?
I'm using vsftpd 3.0.3 (from the Ubuntu repo) with Filezilla 3.24.0 on Ubuntu 16.04 x64
Edit:
Apparently vsftp sends an IP address of 0.0.0.0 when entering passive mode. This issue seems relevant.
Best Answer
I test in my lab, at first I met the same problem as you. I checked as the following steps:
1.
netstat -antI get the following resultBased on my experience, ftp should be listening on
tcpnottcp6on Azure VM2.I try to change the configuration file
/etc/vsftpd.conf.Then I restart ftp service and check by using
netstat -antNotes: You should open ports 20,21,12345-12346 on Azure NSG(Inbound rule)