Setting Up Remote backups in WHM (FTP Passive Mode)

[PCZero]

OK I am having a major brain fart here. I have done this several times in the past but old age and lack of sleep are kicking my butt. I simply want to set up a remote FTP back up in Passive mode. Everything is 100% functional with the back up as long as I disable Passive mode but as soon as I turn it on, the back up destination no longer validates. I am pretty sure it has something to do with making sure all of the various applicable parameters are set ti use the same port range for Passive mode, but I am missing something.

WHM set to passive mode.
Cable modem firewall set to forward port 21 to the correct LAN IP.
Cable modem set to forward the designated passive mode port range to the same IP.
Firezilla Server set to use the designated passive mode port range.

Do I need to add to the settings in APF?
Do I need to change some FTP settings in WHM?
Do I need to gt some sleep?

Thanks!

 

[server9host]

Hello,

Try to disable APF and iptables temporary and then perform FTP remote backup. Let me know what you get after this.

 

[PCZero]

I disabled APF and still had the error in passive mode.

 

[server9host]

Hello,

Can you please post logs which you get on server for remote FTP . You get log in /var/log/messages

 

[PCZero]

I am in the middle of running a manual back up in non-passive mode. As soon as that si done I will post the requested info.

 

[cPanelMichael]

Hello

It sounds like it might be a configuration issue with your modem/router. Check to make sure it doesn't block the passive port range by default.

Thank you.

 

[PCZero]

There file /var/log/messages is null.

Michael I am not sure where within the control panel for the modem that I might find anything about port ranges being blocked by default. I do know that I have I am using a Zoom 5352 DOCSIS 3.0 router. Any ideas where I might look? I did try DMZing my box tht is being used for the remote FTP but passive still failed.

 

[cPanelMichael]

Is it possible your ISP is blocking some of the traffic? You may want to contact them and check, as based on your responses it seems like the remote FTP server is setup at a home location.

Thank you.

 

[PCZero]

Yes Michael this remote box is at a residential site. One serviced by Comcast. I am beginning to think that they might be doing some blocking as well, but truth eb told it is almost not worth the hassle of calling in and asking them, their support woudl probably end up passing me around several times before I got anyone who actually understood the question and then the same number or more before I got someone who could actually answer it!

As it is, I have FireZilla server set up to reject all incoming IPs other than the main IP of the server in question. The password for the only authorized user account is lengthy and cryptic. The user is locked into a specific location on a NAS drive on my network. Lastly access is only authorized during the time window that the back up is scheduled to run on the server. With all of these restrictions in place I think I am OK with running my back ups with passive mode disabled. I'll go with it for now and keep an eye on things to see if things need additional attention. Thanks!