Server sent passive reply with unroutable address - How to fix this error ?





When trying to connect via FTP clients, the misconfiguration in the FTP configuration file results in an error like "Server sent passive reply with unroutable address".

Many of our customers allow their website developers to have restricted access to the server due to security reasons.

So, developers often use FTP clients like FileZilla to upload and download files from the server, they come across this error message.


Here at Ibmi Media, as part of our Server Management Services, we regularly help our Customers to resolve FTP related errors.

In this context, we shall look into the causes and their respective fixes for this FTP error message.


How we fix the FTP error 'Server sent passive reply with unroutable address'

Now, let's see the major reasons for this FTP error and how to fix it.


1. Bad firewall settings

Recently, one of our customers approached us with this error message’. Using server address instead when connecting to an FTP site.

On checking, we found that passive ports were not allowed on the firewall settings. This results in clients unable to connect to their server from the outside network.

So, we teak the firewall setting as adding passive ports range in firewall settings.


2. NAT configuration

Similarly, another customer had a problem with his FTP connection,  when he tried to connect the FTP server with FileZilla and getting the following errors

Server sent passive reply with unroutable address. Using server address instead.

On investigating, we found that the FTP client was behind NAT. However, the FTP protocol doesn’t support NAT at all. Also, the client explicitly informs the server in active mode to open a secondary connection to the server’s IP address, which will not work if the client is behind NAT

So, we edit the /etc/vsftpd.conf file as below:

pasv_address=<your.external.IP>

Finally, this fixed the error.


[Need urgent assistance to manage the FTP server? We'll help you. ]


Conclusion

This article will guide you on ways to resolve #Server sent passive reply with unroutable address which occurs due to bad server settings or when an FTP client is behind #NAT. 

#FileZilla has updated their FTP #client, and FTP over TLS is now used by default. This results in clients being unable to connect to their server from the outside network.

Make sure that you properly set up for FTP over TLS/SSL, explicit and passive ports are allowed on the #firewall and set on Serv-U:

i. Go to the Serv-U settings at: Global Limits & Settings > Settings - Network Settings.

ii. Ensure the Auto-configure firewall through UPnP checkbox is not checked.

iii. Ensure the Packet time-out is set to 300 seconds.

iv. Set #PASV Port Range is 50,000-50,009, and port forward these ports to your router.

This configures the file transfer traffic to be routed through the router and directly to Serv-U through “Port Forwarding”.


If, after this, you are still unable to connect, try disabling the "Block FTP_Bounce and FXP" option - this has been known to cause issues for some clients. To do this, follow the steps below:

1. Navigate to Global > Limits and Settings  > #FTP Settings.

2. Select Global Properties. (If this is not available, first select Use Custom Settings to gain access to it).

3. On the Advanced Options tab, make sure "Block FTP_Bounce and FXP" is unchecked (which it is by default).



Related Post

AWS error code 0x204

This article will guide you on methods to fix AWS #error code 0x204 which happens in the process of trying to login to a remote machine on VPC.

Amazon Virtual Private #Cloud (Amazon #VPC) is a service that lets you launch AWS resources in a logically isolated virtual network that you define. You can use both IPv4 and IPv6 for most resources in your virtual private cloud, helping to ensure secure and easy access to resources and applications.


To enable RDP access on AWS instance:

i. Open the Amazon EC2 console , set it to the stack's region, and choose Security Groups from the navigation pane. 

ii. Choose AWS-OpsWorks-RDP-Server, choose the Inbound tab, and choose Edit. 

iii. Choose Add Rule and specify the following settings: Type – RDP.


To connect from the #Amazon EC2 console:

1. Open the Amazon #EC2 console.

2. In the left navigation pane, choose Instances and select the instance to which to connect.

3. Choose Connect.

4. On the Connect To Your Instance page, choose EC2 Instance Connect (browser-based SSH connection), Connect.

ModSecurity failed to open the audit log file error

This article will guide you on methods to resolve the error 'ModSecurity failed to open the audit log file' which occur as a result of a missing log files or due to improper permissions.

1. Setting ownership to www-data:www-data and file permissions from 600 to 660 will fix this problem.

2. Ensure that the permissions are properly configured on these files.

Execute the command below:

chmod 0644 /etc/apache2/logs/error_log

chmod 0600 /etc/apache2/logs/modsec_audit.log

The modsec log files are assigned 0600 permissions by default, whereas the error_log is assigned 0644 permissions by default.

3. mkdir permission denied signifies that the user you're running the mkdir as, doesn't have permissions to create new directory in the location you specified. 

You should use ls command on the higher level directory to confirm permissions.

4. The mkdir command by default gives rwx permissions for the current user only. To add read, write, and execute permission for all users, add the -m option with the user 777 when creating a directory.

Deploying PHP Guestbook application with Redis

This guide will guide you on how to Deploy #PHP Guestbook application with Redis. An effective way of Deploying PHP Guestbook application with Redis is with the use of the Kubernetes cluster.

Redis is a powerful tool for data storage and #caching. 

Redis Cluster extends the functionality by offering sharding and correlated performance benefits, linear scaling, and higher availability because of how Redis stores data. 

The data is automatically split among multiple nodes, which allows operations to continue, even when a subset of the nodes are experiencing failures or are unable to communicate with the rest of the cluster.


Benefits of using #Redis:

1. It is incredibly fast. It is written in ANSI C and runs on POSIX systems such as Linux, Mac OS X, and Solaris.

2. Redis is often ranked the most popular key/value database and the most popular NoSQL database used with containers.

3. Its caching solution reduces the number of calls to a cloud database backend.

4. It can be accessed by applications through its client API library.

5. Redis is supported by all of the popular programming languages.

6. It is open source and stable.


Phpmyadmin keeps asking for password

This article will guide you on tips to resolve phpMyAdmin error when it keeps asking for a password to login.

This #phpMyAdmin problem can arise due to many different reasons that include browser cache issues, using an incorrect password, drive being full, and so on. 

To fix this problem, you need to reset the cPanel password as follows:

1. Login to WHM at https://<your vps ip>:20871) as user root, using the server's root password.

2. Go to 'Home >> Account Information >> List Accounts'.

3. Click on the + sign near the domain for which you want to change the cPanel password. 4. You can see an option there to change the password.

5. Select the option "Sync #Mysql password with account password" and change password.

oVirt Server unable to upload image to disk

This article will guide you on ways to resolve 'ovirt: unable to upload image to disk' error.

You can upload virtual disk images and ISO images to your data storage domain in the Administration Portal or with the REST API.

QEMU-compatible virtual disks can be attached to virtual machines. Virtual disk types must be either QCOW2 or raw. Disks created from a QCOW2 virtual disk cannot be shareable, and the QCOW2 virtual disk file must not have a backing file.

ISO images can be attached to virtual machines as CDROMs or used to boot virtual machines.


To Upload an Image to a Data Storage Domain:

1. Click Storage - Disks.

2. Select Start from the Upload menu.

3. Click Choose File and select the image to upload.

4. Fill in the Disk Options fields.

5. Click OK.

A progress bar indicates the status of the upload. You can pause, cancel, or resume uploads from the Upload menu.

KVM hypervisor How it Works

This article will guide you on how the KVM #hypervisor works. Basically, KVM is a type-2 hypervisor (installed on top of another OS, in this case some flavor of #Linux). 

It runs, however, like a type-1 hypervisor and can provide the power and functionality of even the most complex and powerful type-1 hypervisors, depending on the tools that are used with the KVM package itself.

KVM (for Kernel-based Virtual Machine) is a full virtualization solution for Linux on x86 hardware containing virtualization extensions (Intel VT or AMD-V).

Using KVM, one can run multiple virtual machines running unmodified Linux or Windows images.

1. The main difference between Type 1 vs. Type 2 hypervisors is that Type 1 runs on bare metal and Type 2 runs on top of an operating system. 

2. Each hypervisor type also has its own pros and cons and specific use cases.

3. Xen is better than #KVM in terms of virtual storage support, high availability, enhanced security, virtual network support, power management, fault tolerance, real-time support, and virtual CPU scalability.

4. A Type 1 hypervisor takes the place of the host operating system. 

5. Type 1 hypervisors are highly efficient because they have direct access to physical hardware. 

6. This also increases their security, because there is nothing in between them and the CPU that an attacker could compromise.

Server Administration

Remote Support


Focus on your business, not your servers.

Click Here to Learn More


Webhosting Support


Recent Post




Keep In Touch

We hope to hear from you.

Accept File Type: jpg,jpeg,png,txt,pdf,doc,docx