When trying to connect via FTP clients, the misconfiguration in the FTP configuration file results in an error like “Server sent passive reply with unroutable address”.
Many of our customers allow their website developers to have restricted access to the server due to security reasons.
So, developers often use FTP clients like FileZilla to upload and download files from the server, they come across this error message.
Here at Bobcares, we have seen several such FTP-related errors as part of our Server Management Services for web hosts and online service providers.
Today we’ll take a look at the causes and their respective fixes for this error message.
How we fix the FTP error ‘Server sent passive reply with unroutable address’
Now, let’s see the major reasons for this FTP error and how our Support Engineers fix it.
Bad firewall settings
Recently, one of our customers approached us with this error message’. Using server address instead when connecting to an FTP site.
On checking, we found that passive ports were not allowed on the firewall settings. This results in clients unable to connect to their server from the outside network.
So, we teak the firewall setting as adding passive ports range in firewall settings.
NAT configuration
Similarly, another customer had a problem with his FTP connection, when he tried to connect the FTP server with FileZilla and getting the following errors
Server sent passive reply with unroutable address. Using server address instead.
On investigating, we found that the FTP client was behind NAT. However, the FTP protocol doesn’t support NAT at all. Also, the client explicitly informs the server in active mode to open a secondary connection to the server’s IP address, which will not work if the client is behind NAT
So, we edit the /etc/vsftpd.conf file as below
pasv_address=<your.external.IP>
Finally, this fixed the error.
[Need assistance to manage the FTP server? We’ll help you.]
Conclusion
In short, this error occurs due to bad server settings or when an FTP client is behind NAT. Today, we saw how our Support Engineers fix it.
0 Comments