• New Patreon Tier and Early Access Content available. If you would like to support AVForums, we now have a new Patreon Tier which gives you access to selected news, reviews and articles before they are available to the public. Read more.

Problems with manually assigning FTP port on WRT160N

colicab

Standard Member
Hi everyone,


I'm fairly new at networking stuff and I have a problem setting up an FTP server at home.

So this is the situation.

I want to use my QNAP TS-219P as a FTP server. I have a WRT160 v1 router linked to my modem and the entire network (including the QNAP).

As I understand to establish an FTP server, you need to forward a port on the router to the static IP of your FTP server. By default this is 21. Now here lies the problem.

My ISP blocks all incoming port below 1024, so port 21 is not available for mee to use to access the FTP outside the network.
I did get the FTP server running (only inside the network) by opening the default FTP port on the WRT160N (on the admin page: applications&games > Forward a single port > enabling the FIXED application "FTP" and putting in the QNAP IP address).

So I tried to set-up my FTP server by opening a port higher than 1024 on my router (e.g. external port and internal port = 8000) and changing the access port to 8000 on my QNAP. When I do this, I can't connect to the FTP inside as well as outside the network.

Because I didn't know what was causing the problem I reset the FTP port on my QNAP to default 21 and changed the internal port on my router to 21 (keeping external port to 8000). Still nothing. If the QNAP was causing the problem, it would be fixed doing this, I think.

As far as I can tell from this Open Port Tool DynDNS.com - Support -- Tools -- Open Port Tool port 8000 on my router is open and should be working. So this tells me, my ISP is not the problem either.


From what I tried, I think my WRT160N is causing the problem by not allowing an FTP to go through any other port than 21. Like I said the FTP works fine inside the network but only if I use the FIXED port forward (the 5 rows in the port forwarding section have a top-down menu where you have to select a fixed application, automatically assinging the port for this application).
But if I manually make an application (using the 6th row or higher and type the port 21 (internal & external port) going to the LAN IP of my QNAP, I can't even access the FTP from inside the network. For clarification, i put in a link where you see a screen shot of the port forwarding page of my router).
Port Forwarding Utorrent on the Linksys WRT160N

Because of this, I think some weird firmware issue is causing this problem by not allowing me to manually assign a port for the FTP.

Does anybody have an idea about this, or some experience maybe? Is it in fact the firmware of the router that is causing the problem? And if so, could I fix this by installing other firmware, like DD-WRT? I hear a lot of good things about this but I want to make sure this will actually fix my problem before I install it.


Thanks in advance!
 

mickevh

Distinguished Member
FTP is a funny beast, not least because FTP actually uses two ports. This article describes it pretty well...

http://slacksite.com/other/ftp.html

If it were me, I'd favour leaving the FTP server device using default port values, then have you Firewall/NAT device (your router) do port translations for you. And use Passive mode.

Of course, you also need FTP client software that allows you to tell it which ports to use if you are not using the standard ones.
 
Last edited:

Jeroen1000

Established Member
Perhaps a daft remark, but it is sometimes the simple things. I know how long it took me to get that damn FTP working (albeit it was with TLS).

Some FTP-clients just don't work. Use filezilla for testing and make sure you fill in the correct port; All FTP clients auto assume port 21 unless told otherwise. Reboot the NAS after changing the port too.

There is NO reason whatsoever it shouldn't work inside your own LAN. If it does not work there, don't bother trying outside the LAN.
 

colicab

Standard Member
@ mickevh:

I think I already tried port translation by setting port forwarding in the following way: on external pc: WAN IP:8000 --> Router: external port 8000; internal port 21 --> NAS FTP server: port 21
Or is this not port translation? (remember I'm new at this :D)

I use FileZilla, tried connecting with the WAN IP as well as a host name (from DynDNS) linked to my WAN IP. Port number was entered correctly.

About the 2 ports. I read about this but on my NAS I can only setup 1 port for my FTP server. Would this be the command port or the data port?

Maybe I can try following configuration:

Router: 8000 --> 21 ; 8001 --> 20
NAS: FTP port 21? Or 20?

Would this work?
I'll try this in passive mode to see what happens. Thanks for the article.
 

Jeroen1000

Established Member
If all recall corectly, I could never connect to my own WAN IP. Someone external had to try this at all times.
 

mickevh

Distinguished Member
Come to think of it, even with passive FTP it's going to be tough. As part of the handshake, the FTP server tells the client which port to connect back on for it's data port, but this is randomly assigned at connect time, so you're not going to be able to code a port forward (translation) for it in advance because you are not going to know what port to code for.

A lot of firewalls that "handle" FTP have "special" logic (or even proxy services) built into them to deal with this sort of heartache which it wouldn't surprise me is not present on a lot of SOHO routers.

Many Sys-Admins ban FTP because of this type of hassle, (as well as the security risk.) One way we "get around" all this heartache it is to use FTP embedded in a web browser. It may be worth looking to see if you NAS supports such.

Failing that, maybe you could look at using a VPN to tunnel through your router instead?

FTP is just a bag of worms to get working through firewalls. :mad:
 
Last edited:

mickevh

Distinguished Member
If all recall corectly, I could never connect to my own WAN IP. Someone external had to try this at all times.

That's not unusual - a lot of firewalls will see an attempt to connect to to external interface from an internal client as suspicious or pointless and quietly ignore it (beit for FTP or any other protocol.)
 

colicab

Standard Member
I also thought about setting up a VPN, but initially I thought setting up the FTP would be easier :oops:

So basically, if you can't go through the default ports (20&21) thanks to the ISP, it will be difficult to set it up.

You think I can solve my FTP problem by flashing other firmware on the Linksys router? Like DD-WRT?
 

colicab

Standard Member
Like you said michevh, the issue was that FTP uses 2 ports.

I just opened both forwarded ports 8000-->20 & 8001-->21 on my router.

Now the FTP server works perfectly!


Thanks!
 
Last edited:

The latest video from AVForums

Is 8K TV dead? Philips OLED+907, Pioneer LX505 AVR plus B&W 700 S3 Reviews & Visit + AV/HiFi News
Subscribe to our YouTube channel
Support AVForums with Patreon

Top Bottom