FTP in passive mode : EHOSTUNREACH - No route to host

27.5k views Asked by At

I have a FTP server which was running for about a month without any problem.

Today, I cannot connect to it with filezilla, I get this message :

The data connection could not be established: EHOSTUNREACH - No route to host

I searched on Google/SO and found that it might be a TLS problem. However, I can connect to the FTP server using the console :

$ ftp
ftp> open mymachine.mycompany.com
Connected to mymachine.mycompany.com
220 Bienvenue sur le serveur FTP mymachine.mycompany.com.
Name (mymachine.mycompany.com:adenoyelle): mylogin
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
drwxr-xr-x    2 502      502         20480 Jun 05 11:51 Ga
drwxr-xr-x    7 502      502          4096 Apr 21 15:41 Bu
drwxr-xr-x    7 502      502          4096 Jun 03 16:26 Zo
226 Directory send OK.
ftp> 

What can be the reason for that?

EDIT : I found that enabling the 'Active' mode solves the problem in Filezilla but I need it to work in passive mode

EDIT : Here is the full trace on Filezilla's side :

Status: Connecting to 10.196.***.***
Status: Connection established, waiting for welcome message...
Response:   220 Bienvenue sur le serveur FTP mymachine.mycompany.com.
Command:    USER mylogin
Response:   331 Please specify the password.
Command:    PASS ******
Response:   230 Login successful.
Command:    SYST
Response:   215 UNIX Type: L8
Command:    FEAT
Response:   211-Features:
Response:    EPRT
Response:    EPSV
Response:    MDTM
Response:    PASV
Response:    REST STREAM
Response:    SIZE
Response:    TVFS
Response:    UTF8
Response:   211 End
Command:    OPTS UTF8 ON
Response:   200 Always in UTF8 mode.
Status: Connected
Status: Retrieving directory listing...
Command:    PWD
Response:   257 "/home/mylogin"
Command:    TYPE I
Response:   200 Switching to Binary mode.
Command:    PASV
Response:   227 Entering Passive Mode (10,196,165,224,189,253).
Command:    LIST
Error:  The data connection could not be established: EHOSTUNREACH - No route to host
2

There are 2 answers

2
r_ahlskog On

Well there is one difference between those two, on command line you use PORT and Filezilla uses PASV changing the direction of the connection used. PORT means your computer opens a port and waits for connection from the server. PASV means the server opens a port and waits for the client to connect.

Is it possible that the server has a firewall blocking the incoming connections, perhaps the firewall is stupid and cannot auto-detect the PASV result and allow the corresponding port. Perhaps it has worked before because the server chose ports that were within a range allowed by the firewall.

0
ted-k42 On

Had the same issue with PASV and PORT and Filezilla and vsftpd. The connection succeeds so it doesn't fall back on Active mode in Filezilla.

Using the default configuration on both vsftpd, Filezilla and opening port 21/TCP, you need to switch to Active mode for it to work.