# Can't connect with FTPES



## dennylin93 (May 19, 2009)

I'm having problems with FTP over TLS. Right now I'm using Pure-FTPd 1.0.22. Within my network, 1xx.xxx.xxx.0/24, I can use both FTP and FTPES connections with any problems. However, outside, I can only use FTP. PF is turned off.

My config file is the same as default, with the exception of TLS set to 1 (accept both traditional and encrypted sessions).

I'm suspecting that there's a problem with the hardware firewall before the router, but I'm not sure.

When I use telnet and type AUTH TLS, I get the reply 500 Command Not Understood.


----------



## anomie (May 20, 2009)

dennylin93 said:

> I'm suspecting that there's a problem with the hardware firewall before the router, but I'm not sure.



Well, might as well eliminate or confirm that possibility. 


```
%grep -i ftps /etc/services
ftps-data	989/tcp	   # ftp protocol, data, over TLS/SSL
ftps-data	989/udp
ftps		990/tcp	   # ftp protocol, control, over TLS/SSL
ftps		990/udp
```

Try a port scan to see if tcp 989 / 990 are open to you. 

`% nc -zvw 1 ftp.server.here 990`

What output does that give you? (Check the data port too.)


----------



## dennylin93 (May 28, 2009)

`% sockstat -4 | grep ftp`

```
root     pure-ftpd  766   4  tcp4   *:21                  *:*
```

The encrypted session doesn't seem to use ports 989 and 990. It goes over port 21 as well.


----------
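Added example, not part of the original thread: since FTPES negotiates TLS with `AUTH TLS` on the ordinary control port (21), this Python sketch repeats the telnet test from the first post and also asks `FEAT` whether the server advertises `AUTH TLS`. Run it once from inside the network and once from outside; a different result from the two vantage points points at something on the path rather than the Pure-FTPd configuration. Function names are hypothetical, the host is taken from the command line, and the reply-code grouping follows RFC 2228 / RFC 4217.

```python
import socket
import sys

def read_reply(f):
    """Read one FTP reply from a binary file object, following 'NNN-' continuation lines."""
    lines = []
    while True:
        raw = f.readline()
        if not raw:
            raise ConnectionError("connection closed mid-reply")
        line = raw.decode("latin-1").rstrip("\r\n")
        lines.append(line)
        if len(lines) == 1 and not line[:3].isdigit():
            raise ValueError(f"not an FTP reply: {line!r}")
        # The reply ends on a line carrying the first line's code without a '-'.
        if line[:3] == lines[0][:3] and line[3:4] != "-":
            return int(line[:3]), lines

def advertises_auth_tls(feat_lines):
    """True if a FEAT reply lists AUTH with TLS among its feature lines."""
    feats = [l.strip().upper() for l in feat_lines[1:-1]]
    return any(l.startswith("AUTH") and "TLS" in l for l in feats)

def classify_auth(code):
    """Map the AUTH TLS reply code to a coarse verdict."""
    if code == 234:
        return "accepted"          # server is ready to start the TLS handshake
    if code in (500, 501, 502, 504):
        return "not understood"    # the reply reported in the first post (500)
    if code in (431, 534):
        return "refused"
    return "unexpected"

def probe(host, port=21, timeout=5):
    """Connect to the control port and record the replies to FEAT and AUTH TLS."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        f = s.makefile("rwb")
        out = {"banner": read_reply(f)}
        for cmd in ("FEAT", "AUTH TLS"):
            f.write(cmd.encode("ascii") + b"\r\n")
            f.flush()
            out[cmd] = read_reply(f)
        return out  # closing here abandons the session before any handshake

if __name__ == "__main__":
    r = probe(sys.argv[1])
    print("banner:", r["banner"][1][0])
    print("FEAT lists AUTH TLS:", advertises_auth_tls(r["FEAT"][1]))
    print("AUTH TLS:", r["AUTH TLS"][1][-1], "->", classify_auth(r["AUTH TLS"][0]))
```

Comparing the banner line between the two runs is also worthwhile: if it differs, the outside connection is not reaching the same FTP daemon directly.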



## vivek (May 28, 2009)

You need to use an FTPS-aware client such as lftp or ftp/ftp-tls/ or WinSCP or http://fireftp.mozdev.org/


----------



## dennylin93 (May 30, 2009)

I am using FileZilla. FTPES works within my network, but when I try it from home, it fails. The firewall rules have been set to pass all traffic.


----------

