|I am trying to use a FTP server with SSL/TLS enabled. This is on a Buffalo LinkStation NAS device. I can connect over regular FTP (non-secure) on the Internet and can view directories in that mode without any problem.|
However, when I connect over SSL/TLS in WinSCP, I get the following error after successfully signing in:
Server sent passive reply with unroutable address 192.168.2.53, using host address instead.
Timeout detected. (data connection)
Could not retrieve directory listing
Error listing directory '/'.
I have tried different FTP clients (including File Zilla) and the same basic problem remains.
192.168.2.53 is the local IP address of the NAS on my LAN (I'm not sure if the message about the IP address is related to the directory listing problem or not). From the Internet, I connect to port 21 on a static IP address to gain access to the FTP server. Port 21 is forwarded from the router.
I have tried switching the FTP client back and forth from "passive" to "active" mode. Neither works. It seems I have to use "explicit" encryption to establish a connection.
I installed an SSL certificate and key, which appear to be working fine. This is not an SSH server, it is FTP over SSL/TLS.
I see online that some people have solved the problem by forwarding a range of ports to the FTP server. Buffalo's documentation does not offer such a suggestion so I have no idea what range to try, or if that would work. Depending on what client I use I sometimes see a PORT error 500.
Is there a setting on the NAS or router I need to change to make FTP access with SSL/TLS work over the Internet? Thank you.