Synology Inc. Online Community Forum

Synology Inc. Online Community Forum

Skip to content

500 Illegal PORT range rejected (DSM 4.0)

For issues regarding settings and usage of FTP and WebDAV service, post it here!
Forum rules
This is a user forum for Synology users to share experience/help out each other: if you need direct assistance from the Synology technical support team, please use the following form:
https://myds.synology.com/support/suppo ... p?lang=enu
Post a reply

500 Illegal PORT range rejected (DSM 4.0)

Postby slyt » Fri Mar 16, 2012 9:45 pm

I can not succesfully connect to my FTPS server on DS1511+ from any host on WAN (internet) site.

Trying to connect via Filezilla gives me:
Code: Select all
Status:   Resolving address of domainname
Status:   Connecting to ipaddress:21...
Status:   Connection established, waiting for welcome message...
Response:   220 nas FTP server ready.
Command:   AUTH TLS
Response:   234 AUTH SSL command successful.
Status:   Initializing TLS...
Status:   Verifying certificate...
Command:   USER username
Status:   TLS/SSL connection established.
Response:   331 Password required for username.
Command:   PASS ******
Response:   230 User username logged in.
Command:   OPTS UTF8 ON
Response:   200 OK, UTF-8 enabled
Command:   PBSZ 0
Response:   200 PBSZ command successful (PBSZ=0).
Command:   PROT P
Response:   200 Protection level set to Private.
Status:   Connected
Status:   Retrieving directory listing...
Command:   PWD
Response:   257 "/" is current directory.
Command:   TYPE I
Response:   200 Type set to I.
Command:   PASV
Response:   227 Entering Passive Mode (xx,xx,xx,xx,217,3)
Command:   LIST
Error:   Connection timed out
Error:   Failed to retrieve directory listing


Total Commander gives me at last:
Code: Select all
500 Illegal PORT range rejected.


In DS1511+ logs I see that username succesfully connected to it.

I have 21/tcp and 55536-55663/tcp ports forwared to internal DS1511+ ip address. Also checked "Report external IP in PASV". In DS1511 no firewall rules.

Any suggestions ?
SlyT

Model: DS1511+
Firmware: DSM 4.0-2198
slyt
I'm New!
I'm New!
 
Posts: 2
Joined: Fri Mar 16, 2012 9:18 pm
Top

Re: 500 Illegal PORT range rejected (DSM 4.0)

Postby slyt » Tue Mar 20, 2012 5:18 pm

[SOLVED]
It sound strange but I change in FTP configuration pasv port range from default to custom leaving the same values (55536 - 55567). After that ftps connection is working like a charm.
SlyT

Model: DS1511+
Firmware: DSM 4.0-2198
slyt
I'm New!
I'm New!
 
Posts: 2
Joined: Fri Mar 16, 2012 9:18 pm
Top

Re: 500 Illegal PORT range rejected (DSM 4.0)

Postby zajnic » Wed May 02, 2012 2:08 pm

It was because you using active FTP to access which you firewall block the ftp data port that you initial the connection. That's 2 ports here; control and data port. When you initial the connection, you use random port let's say 1022 to talk to ftp control port 21. When the ftp server accepts your connection and start to talk to you. The ftp server starts sending data to you source from data port to your random port + 1. In this case, your firewall simply deny the connection as you didn't request for it.

To solution over this is to use passive ftp mode. You can read more here http://slacksite.com/other/ftp.html
zajnic
I'm New!
I'm New!
 
Posts: 1
Joined: Wed May 02, 2012 1:49 pm
Top
Post a reply

Return to FTP & WebDAV Server

Who is online

Users browsing this forum: No registered users and 2 guests

Powered by phpBB® Forum Software © phpBB Group