# proftpd - PASV, no response

## guillain

I am trying to configure proftpd, but I've encountered a problem that I can not solve. Connecion hangs after PASV command (client get even no response like 227: Entering passive mode).

Yes, I am behind NAT, but I set DMZ (all possible packets are routed directly to my server) and I have added folowing lines to proftpd.conf:

```
PassivePorts 61025 64096

MasqueradeAddress xxxxxxx.pl
```

When connecting from inside my LAN (using external ip) it is working just fine. But when I try to connect from outside, proftpd hangs on command PASV, and it is giving no response.

Response from online ftp tester:

```
Status: Resolving address of xxxxxxx.pl

Status: Connecting to xx.xx.xx.142

Status: Connected, waiting for welcome message

Reply: 220 ProFTPD 1.3.3a Server (ProFTPD poldrag) [xx.xx.xx.142]

Command: CLNT http://ftptest.net on behalf of xx.xx.xx.142

Reply: 500 CLNT not understood

Command: USER ic

Reply: 331 Password required for ic

Command: PASS *****

Reply: 230 User ic logged in

Command: SYST

Reply: 215 UNIX Type: L8

Command: FEAT

Reply: 211-Features:

Reply: MDTM

Reply: MFMT

Reply: TVFS

Reply: UTF8

Reply: MFF modify;UNIX.group;UNIX.mode;

Reply: MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;

Reply: LANG en-US*

Reply: REST STREAM

Reply: SIZE

Reply: 211 End

Command: PWD

Reply: 257 "/" is the current directory

Status: Current path is /

Command: TYPE I

Reply: 200 Type set to I

Command: PASV

Error: Connection timed out
```

My proftpd.conf:

```
ServerName "ProFTPD poldrag"

ServerType standalone

RequireValidShell off

DefaultServer on

AllowForeignAddress off

ExtendedLog             /var/log/proftpd/proftpd.log

TransferLog             /var/log/proftpd/xferlog

PassivePorts 61025 64096

MasqueradeAddress xxxxxxxxx.pl

Port 21

Umask 0022

MaxInstances 30

User ftp

Group ftp

AuthOrder mod_auth_file.c

AuthUserFile /etc/proftpd/users

AuthGroupFile /etc/proftpd/groups

DefaultRoot ~

AllowOverwrite on

<Limit SITE_CHMOD>

  DenyAll

</Limit>

<Limit WRITE>

  AllowAll

</Limit>
```

emerge proftpd -pv

```
[ebuild   R   ] net-ftp/proftpd-1.3.3a  USE="acl authfile caps ctrls mysql nls softquota ssl tcpd -ban -case -clamav -deflate -doc -exec -hardened -ident -ifsession -ipv6 -kerberos -ldap -ncurses -pam -postgres -radius -ratio -readme -rewrite (-selinux) -sftp -shaper -sitemisc -trace -vroot -xinetd" 0 kB  
```

Does anyone know, what cause the problem?

----------

## flocchini

same problem here

also, notice that proftpd doesn't say anymore "masquerading as x.x.x.x" when starting

----------

