Backing up to FTP server using FTPS

This forum is for anyone experiencing problems related to their firewall settings. More specifically, anyone experiecing connection issues should take a look at this forum.
Post Reply
dkleppe
User
Posts: 11
Joined: Fri Apr 10, 2015 11:11 am

Backing up to FTP server using FTPS

Post by dkleppe » Tue Apr 21, 2015 4:03 pm

I'm trying to backup my web filter and spam filter to the Cerberus FTP Server using FTPS, but i can't get it to work. These are the results from the log file:

2015/04/21 15:42:45 [10780] Incoming connection request on FTPS interface 57 at 192.168.10.12
2015/04/21 15:42:45 [10780] FTPS connection request accepted from 192.168.10.5
2015/04/21 15:44:16 [10780] Timeout while waiting for SSL connection
2015/04/21 15:44:16 [10780] Unable to establish secure FTPS connection
2015/04/21 15:44:16 [10780] Connection terminated

User avatar
Serin
Site Administrator
Posts: 1785
Joined: Sat Jan 01, 2005 6:57 pm
Location: United States
Contact:

Re: Backing up to FTP server using FTPS

Post by Serin » Thu Apr 30, 2015 12:41 pm

Its not an FTPS connection. The connection is established, but there isn't even an SSL handshake attempt.

Make sure you aren't confusing FTPS with FTPES. Or SFTP with FTPS.

dkleppe
User
Posts: 11
Joined: Fri Apr 10, 2015 11:11 am

Re: Backing up to FTP server using FTPS

Post by dkleppe » Wed May 13, 2015 9:57 am

I'm using FTPS, at least that's what my device thinks it's using.

This is from the devices help section:

To use FTPS, your FTP server must also support FTPS or all connection attempts will fail. The following information will be needed:

Username - Must have write access to the FTP server.
Password - Password for the above user.
Server Name/IP - The IP address or FQDN (complete hostname) of the FTP server.
Folder/Path - The folder or path on the FTP server where the backup files are to be stored.
Port - The port used to connect to the FTP server. By default, port 21 will be used.

To verify connectivity once all access information has been entered, click the Test Configuration button.

By default, FTP (and FTPS) connections are initiated in passive mode. If your FTP server is also running in passive mode, and you have a firewall between your FTP server and the Barracuda Spam Firewall, then your backups may on occasion time out. To resolve this, you should make sure to have a port open on your firewall to allow passive-mode FTP connections, and reconfigure your Port number here to match. The port range depends on your FTP server configuration, so verify that no other services are using this range of ports.
Note:FTPS active mode is not supported.

I'm guessing it has something to do with active/passive modes?

User avatar
Serin
Site Administrator
Posts: 1785
Joined: Sat Jan 01, 2005 6:57 pm
Location: United States
Contact:

Re: Backing up to FTP server using FTPS

Post by Serin » Wed May 13, 2015 10:33 am

I suspect your device is calling FTPES mode FTPS. Try establishing the connection to the FTP listener on port 21. The connection will work if it's really FTPES.

While passive mode problems are the most common issue with FTP, you aren't getting that far in the connection. Passive/active mode problems happen after the initial connection and user login.

dkleppe
User
Posts: 11
Joined: Fri Apr 10, 2015 11:11 am

Re: Backing up to FTP server using FTPS

Post by dkleppe » Wed May 13, 2015 10:38 am

We have FTP disabled. Only using FTPS,SFTP, and HTTPS. I did enable it to test in the past, and it worked.

User avatar
Serin
Site Administrator
Posts: 1785
Joined: Sat Jan 01, 2005 6:57 pm
Location: United States
Contact:

Re: Backing up to FTP server using FTPS

Post by Serin » Wed May 13, 2015 10:41 am

You probably also have FTPES disabled as well then, since both FTP and FTPES both start over an FTP listener on port 21. See this link to understand the differences:

http://www.cerberusftp.com/support/help ... pport.html

FTPES is still secure, even though it starts our over an FTP listener on port 21.

dkleppe
User
Posts: 11
Joined: Fri Apr 10, 2015 11:11 am

Re: Backing up to FTP server using FTPS

Post by dkleppe » Wed May 13, 2015 11:28 am

This is what i get when trying to establish the connection to the FTP listener on port 21:

[2015-05-13 11:25:32]:CONNECT [ 20650] - Incoming connection request on FTP interface 72 at 192.168.10.12
[2015-05-13 11:25:32]:CONNECT [ 20650] - FTP connection request accepted from 192.168.10.5
[2015-05-13 11:25:32]:COMMAND [ 20650] - AUTH TLS
[2015-05-13 11:25:32]: REPLY [ 20650] - 234 Authentication method accepted

[2015-05-13 11:25:32]:CONNECT [ 20650] - SSL connection using SSL connection using TLSv1.0 (ECDHE-RSA-AES256-SHA), 256 bit encryption encryption
[2015-05-13 11:25:32]:CONNECT [ 20650] - SSL connection established
[2015-05-13 11:25:32]:COMMAND [ 20650] - USER Barracuda
[2015-05-13 11:25:32]:CONNECT [ 20650] - The user is not allowed to login with this protocol
[2015-05-13 11:25:32]: REPLY [ 20650] - 530 Secure connection required

[2015-05-13 11:25:32]:CONNECT [ 20650] - The client closed the connection
[2015-05-13 11:25:32]:CONNECT [ 20650] - Connection terminated

dkleppe
User
Posts: 11
Joined: Fri Apr 10, 2015 11:11 am

Re: Backing up to FTP server using FTPS

Post by dkleppe » Wed May 13, 2015 11:44 am

Scratch that above post. I didn't realize ftp was disabled in the interface area and in that user setup too. It worked.

Thanks for you help!

DK

Post Reply