I know there are lots of posts out there on this but I feel like I've tried everything. I've worked with my IT staff and we're all stumped. So here is all of the possibly useful information I can think of:
- There was an FTP server in our datacenter with only a public IP.
- I set up a new FTP server in AWS that had an internal IP on our network via Direct Connect and an EIP associated.
- I configured it with the same version of PureFTPd (1.0.43) exactly the same except:
  - I added `ForcePassiveIP PUBLIC_ELASTIC_IP`
  - I changed the passive port range from `7000-50000` to `40000-50000`
- I copied the certificate from the old server to the new one
- Then switched over the DNS
Here is where it gets weird:
- I can connect to the FTP server from home or any other network outside of the office with no problem
- I can connect with standard passive FTP over port 21 from inside the office
- I cannot connect over FTPS (Explicit FTP over TLS) still over port 21 from inside the office
- I can connect to our corporate VPN from inside the office then connect fine to the server using FTPS
- I don't manage the VPN or firewall but I've been told the office and VPN share the same pool of public IPs for DHCP and are directed through the same firewall. They do have different internal IPs.
Here it is failing (it times out on the PBSZ 0 command and tries again):
And here it is working once on the VPN:
Any ideas?

