Sunday, April 6, 2008

FTP server on a winXP box (II)

After a brief hiatus (3 months), I'm finally back to working on this project. The results have been mixed and the growing pains have been... well... painful!

The current candidate that I'm experimenting with is Cerberus. After fighting with this off and on today, I believe I finally have it semi-successfully configured. The hardest part about this ordeal is not having access to a machine that is outside of my network. There's been a lot of configuring/tweaking followed by waiting around for someone to be online to test this out. Hurry up and wait. The story of my life it seems. :)

Initial install was a snap. Click next a bunch of times and nothing major to worry about configuring really. Creating a user account and granting them permissions was pretty intuitive.

The problems began to arise when I had my guinea pig... er, test subject attempt to connect. No luck. According to the log files, he could connect to my machine and authenticate, but then after about 30 seconds would get booted.

(log file excerpt)

Apr 06 17:06:31 16 Incoming connection request on interface 192.168.1.101
Apr 06 17:06:31 16 Connection request accepted from 76.229.xxx.xx
Apr 06 17:06:31 16 USER wwwww
Apr 06 17:06:31 16 331 User wwwww, password please
Apr 06 17:06:31 16 PASS ***********
Apr 06 17:06:31 16 230 Password Ok, User logged in
Apr 06 17:06:32 16 FEAT
Apr 06 17:06:32 16 211- Additional features supported include: MDTM SIZE REST STREAM AUTH TLS AUTH SSL PBSZ PROT LANG EN* SITE CHMOD SITE PSWD 211 End
Apr 06 17:06:32 16 SYST
Apr 06 17:06:32 16 215 UNIX Type: L8
Apr 06 17:06:32 16 PWD
Apr 06 17:06:32 16 257 "/" is the current directory
Apr 06 17:06:32 16 TYPE A
Apr 06 17:06:32 16 200 Type ASCII
Apr 06 17:06:32 16 PASV
Apr 06 17:06:32 16 227 Entering Passive Mode (24,160,xxx,xx,xx)
Apr 06 17:06:32 16 Error closing connection: An existing connection was forcibly closed by the remote host.
Apr 06 17:06:32 16 Connection terminated.

What's going on here? What did I miss? Why does he keep getting disconnected? Port forwarding has been set and is active in the router so all port 21 traffic is going to my machine. I created firewall exceptions in the Windows firewall just to be sure it works. Target directory is set to share with all users now. He kept getting booted after 30 seconds and was unable to transfer any data either way. I've seen this work no problem at a friend's house so what is wrong on my end?

The fact that he could authenticate and access my box was a huge step but something was bothering me about him getting booted whenever it went to PASV mode. Documentation pointed to making sure that was configured properly. A-hah! When behind a router, make sure that you specify the IP address for PASV (typically the IP of the router). Still no luck.

After some consultation with a friend, I got a crash course that most documentation doesn't spell out for you. Yes, I had port 21 open, which is correct. The problem is that when in PASV mode you need other ports open/forwarded. The default ports are 1025-3500. That means I had to forward all of these (excluding 3389, which is RDP for my roommate) to my box also. NOW things were making more sense....
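The two PASV settings described above (the advertised IP and the forwarded data ports) can be checked straight from the server log. This is an added example, not part of the original post or of Cerberus: it decodes the 227 reply per RFC 959 (data port = p1*256 + p2) and reports why an outside client could not open the data connection. The function names and log lines are constructed, and 203.0.113.10 is a documentation address standing in for the router's public IP.

```python
import ipaddress
import re

# RFC 959 reply format: 227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)
PASV_RE = re.compile(r"\b227\b[^(]*\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)")

# From the post: passive range 1025-3500 forwarded, 3389 (RDP) left out.
FORWARDED = set(range(1025, 3501)) - {3389}
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse_pasv(line):
    """Return (ip, port) advertised in a 227 reply, or None if the line has none."""
    m = PASV_RE.search(line)
    if not m:
        return None
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        return None
    return ipaddress.ip_address(".".join(map(str, nums[:4]))), nums[4] * 256 + nums[5]


def check_pasv(line, forwarded=FORWARDED):
    """List the reasons an outside client could not open the data connection."""
    parsed = parse_pasv(line)
    if parsed is None:
        return ["no parsable 227 reply"]
    host, port = parsed
    problems = []
    if any(host in net for net in RFC1918):
        problems.append(f"advertises private address {host}")
    if port not in forwarded:
        problems.append(f"data port {port} is not forwarded")
    return problems


# Constructed sample lines in the shape of the log excerpt above.
SAMPLE_LOG = [
    "Apr 06 17:06:32 16 227 Entering Passive Mode (192,168,1,101,4,210)",
    "Apr 06 17:09:10 17 227 Entering Passive Mode (203,0,113,10,13,61)",
    "Apr 06 17:12:45 18 227 Entering Passive Mode (203,0,113,10,19,136)",
    "Apr 06 17:15:02 19 227 Entering Passive Mode (203,0,113,10,4,210)",
]

if __name__ == "__main__":
    for entry in SAMPLE_LOG:
        print(entry.split(" 227 ")[1], "->", check_pasv(entry) or "ok")
```

A data port that lands on an excluded or unforwarded number (3389 and 5000 in the sample) means the server's passive range is wider than what the router forwards; narrowing the range in the server keeps the two in step and keeps the number of open ports small.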

After finally getting these extra ports forwarded, a friend was able to successfully connect and transfer data. Success! Essentially everything I'd tried to do earlier had no real effect on the situation because I missed something very simple early on. I made the mistake of assuming that I just needed 21 routed and that wound up costing me a lot of time. In hindsight this appears to be the same issue that I ran into with FileZilla Server a couple months ago. Lesson learned.

Now that everything is up and running I'm content. I can always open the ports if/when I plan to use this server app but for the time being they'll remain closed. What can I say? Why leave your doors unlocked when you're not home? Mission accomplished. I can share files if need be with people and they can download at their leisure.

Grumbles:
-No SFTP capability
-No means by which to limit bandwidth usage.
-Server Manager menu is clumsy (IMHO).

Pros:
-Logging is very straightforward.
-I like the small pop up notification for when someone is attempting to connect.
-IP manager seems very straightforward.
-User management is easy.
-Help documentation was.... HELPFUL!


Still looking for an app that will enable me to do SFTP and limit bandwidth. Suggestions are welcome. Eventually I'll be doing this on a Linux box but not having a functional Linux box (thanks to yPerr) kind of kills that idea. Stay tuned....
