The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

FTP error over explicit TLS/SSL

Discussion in 'General Discussion' started by monkey64, Feb 26, 2013.

  1. monkey64

    monkey64 Well-Known Member

    Nov 6, 2011
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    Root Administrator
    I have been battling to get TLS/SSL working on the server.
    I have Pure-FTPD selected and have TLS Encryption Support set to "Optional"
    Is this meant to work "out of the box" or does it need configuring?

    From Cpanel I have created a new working FTP account.
    When I change the protocol type from FTP to FTP with TLS/SSL, I get the following output:

    		*** CuteFTP 8.3 - build May 19 2010 ***
    STATUS:>  	[26/02/2013 18:22:08] Getting listing ""...
    STATUS:>  	[26/02/2013 18:22:08] Resolving host name
    STATUS:>  	[26/02/2013 18:22:08] Host name resolved: ip =
    STATUS:>  	[26/02/2013 18:22:08] Connecting to FTP server... (ip =
    STATUS:>  	[26/02/2013 18:22:08] Socket connected. Waiting for welcome message...
    		[26/02/2013 18:22:08] 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
    		220-You are user number 1 of 50 allowed.
    		220-Local time is now 18:22. Server port: 21.
    		220-This is a private system - No anonymous login
    		220-IPv6 connections are also welcome on this server.
    		220 You will be disconnected after 15 minutes of inactivity.
    STATUS:>  	[26/02/2013 18:22:08] Connected. Authenticating...
    COMMAND:>	[26/02/2013 18:22:08] AUTH TLS
    		[26/02/2013 18:22:08] 234 AUTH TLS OK.
    STATUS:>  	[26/02/2013 18:22:08] Establishing SSL session...
    STATUS:>  	[26/02/2013 18:22:08] Connected. Exchanging encryption keys...
    STATUS:>  	[26/02/2013 18:22:08] SSL Connect time: 78 ms.
    STATUS:>  	[26/02/2013 18:22:08] SSL encrypted session established.
    COMMAND:>	[26/02/2013 18:22:08] PBSZ 0
    		[26/02/2013 18:22:08] 200 PBSZ=0
    COMMAND:>	[26/02/2013 18:22:08] USER
    		[26/02/2013 18:22:08] 331 User OK. Password required
    COMMAND:>	[26/02/2013 18:22:08] PASS *****
    		[26/02/2013 18:22:08] 230 OK. Current restricted directory is /
    STATUS:>  	[26/02/2013 18:22:08] Login successful.
    COMMAND:>	[26/02/2013 18:22:08] PWD
    		[26/02/2013 18:22:08] 257 "/" is your current location
    STATUS:>  	[26/02/2013 18:22:08] Home directory: /
    COMMAND:>	[26/02/2013 18:22:08] FEAT
    		[26/02/2013 18:22:08] Informational Message Only:
    		211-Extensions supported:
    		 MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
    		 AUTH TLS
    		211 End.
    STATUS:>  	[26/02/2013 18:22:08] This site supports features.
    STATUS:>  	[26/02/2013 18:22:08] This site supports SIZE.
    STATUS:>  	[26/02/2013 18:22:08] This site can resume broken downloads.
    STATUS:>  	[26/02/2013 18:22:08] Time zone synchronization
    COMMAND:>	[26/02/2013 18:22:08] TYPE I
    		[26/02/2013 18:22:08] 200 TYPE is now 8-bit binary
    COMMAND:>	[26/02/2013 18:22:08] PBSZ 0
    		[26/02/2013 18:22:08] 200 PBSZ=0
    COMMAND:>	[26/02/2013 18:22:08] PROT P
    		[26/02/2013 18:22:08] 200 Data protection level set to "private"
    COMMAND:>	[26/02/2013 18:22:08] PASV
    		[26/02/2013 18:22:08] 227 Entering Passive Mode (1,2,3,4,154,53)
    COMMAND:>	[26/02/2013 18:22:08] REST 0
    		[26/02/2013 18:22:08] 350 Restarting at 0
    COMMAND:>	[26/02/2013 18:22:08] STOR gs_tmp_tz.4823.29
    STATUS:>  	[26/02/2013 18:22:08] Connecting FTP data socket...
    ERROR:>   	[26/02/2013 18:22:29] The connection failed due to an error or timeout.
    		1) Verify that the destination IP address is correct.
    		2) Increase the connection timeout threshold under Global Settings | Connection.
    		3) Switch to the opposite data connection type (PASV or PORT) under Site Settings | Type tab.
    		4) Verify that the problem is not local by trying to connect to an alternate server.
    		5) If a server name was used, verify it resolves to the correct address.
    		6) If using a local server table for server name resolution, check to see that it doesn't resolve to an obsolete address.
    		7) Try pinging the address.
    		8) If you are using a router, verify the router is up and running (check by pinging it and then ping an address outside of the router).
    		9) Do a traceroute to the destination to verify all routers along the connection path are operational.
    		10) Verify that your subnet mask is setup properly.
    		11) Verify that your local software or hardware firewall is not blocking outbound connections originating from CuteFTP.
    		12) Verify that your anti-virus software is not at fault (try disabling it).
     NOTE:>    	[26/02/2013 18:22:29] Time zone synchronization failed.
    STATUS:>  	[26/02/2013 18:22:29] Time zone synchronization
    COMMAND:>	[26/02/2013 18:22:29] PASV

    I have tried disabling CSF as well as the Firewall / Antivirus program on my PC, but nothing makes any difference.
    Where do I go from here?
    #1 monkey64, Feb 26, 2013
    Last edited: Feb 26, 2013
  2. noox

    noox Active Member

    Mar 19, 2003
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    Root Administrator
    I've the same problem. Some months ago everything worked. But now I get the same error even if I cannot remember that I have changed anything in the FTP or firewall configs.
  3. noox

    noox Active Member

    Mar 19, 2003
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    Root Administrator
    Have found my problem. I'm using passive mode. So the CSF Firewall must be open for a port range. I have defined a port range in the pure ftpd config and opened those ports in the CSF config. But it seems like something hanged the Pure FTP config (a Cpanel Update?). I've added the Port Range to the Pure FTP config again. Now it works again.

Share This Page