Setting Up Remote backups in WHM (FTP Passive Mode)

PCZero

Well-Known Member
Dec 13, 2003
780
103
193
Earth
OK I am having a major brain fart here. I have done this several times in the past but old age and lack of sleep are kicking my butt. I simply want to set up a remote FTP back up in Passive mode. Everything is 100% functional with the back up as long as I disable Passive mode but as soon as I turn it on, the back up destination no longer validates. I am pretty sure it has something to do with making sure all of the various applicable parameters are set ti use the same port range for Passive mode, but I am missing something.

WHM set to passive mode.
Cable modem firewall set to forward port 21 to the correct LAN IP.
Cable modem set to forward the designated passive mode port range to the same IP.
Firezilla Server set to use the designated passive mode port range.

Do I need to add to the settings in APF?
Do I need to change some FTP settings in WHM?
Do I need to gt some sleep?

Thanks!
 

server9host

Well-Known Member
Sep 18, 2013
160
0
16
India
cPanel Access Level
Root Administrator
Hello,

Try to disable APF and iptables temporary and then perform FTP remote backup. Let me know what you get after this.
 

server9host

Well-Known Member
Sep 18, 2013
160
0
16
India
cPanel Access Level
Root Administrator
Hello,

Can you please post logs which you get on server for remote FTP . You get log in /var/log/messages
 

PCZero

Well-Known Member
Dec 13, 2003
780
103
193
Earth
I am in the middle of running a manual back up in non-passive mode. As soon as that si done I will post the requested info.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,880
2,270
463
Hello :)

It sounds like it might be a configuration issue with your modem/router. Check to make sure it doesn't block the passive port range by default.

Thank you.
 

PCZero

Well-Known Member
Dec 13, 2003
780
103
193
Earth
There file /var/log/messages is null.

Michael I am not sure where within the control panel for the modem that I might find anything about port ranges being blocked by default. I do know that I have I am using a Zoom 5352 DOCSIS 3.0 router. Any ideas where I might look? I did try DMZing my box tht is being used for the remote FTP but passive still failed.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,880
2,270
463
Is it possible your ISP is blocking some of the traffic? You may want to contact them and check, as based on your responses it seems like the remote FTP server is setup at a home location.

Thank you.
 

PCZero

Well-Known Member
Dec 13, 2003
780
103
193
Earth
Yes Michael this remote box is at a residential site. One serviced by Comcast. I am beginning to think that they might be doing some blocking as well, but truth eb told it is almost not worth the hassle of calling in and asking them, their support woudl probably end up passing me around several times before I got anyone who actually understood the question and then the same number or more before I got someone who could actually answer it!

As it is, I have FireZilla server set up to reject all incoming IPs other than the main IP of the server in question. The password for the only authorized user account is lengthy and cryptic. The user is locked into a specific location on a NAS drive on my network. Lastly access is only authorized during the time window that the back up is scheduled to run on the server. With all of these restrictions in place I think I am OK with running my back ups with passive mode disabled. I'll go with it for now and keep an eye on things to see if things need additional attention. Thanks!