Drobo

FTP Remote Access

Hi,

So after hours of googling and trying everything I can to get this to work, I think that I’m almost there. If anyone could offer me the last bits of advice, I would appreciate it incredibly.

My goal is to allow remote access to the files on my Drobo FS. It seems that FTP is the easiest way to do this. I’ve installed the DroboApp, Pure-FTPd, and have enabled port mapping on my (Apple Time Capsule) router of port 21 to the LOCAL, static IP address of my Drobo.

(In case I’ve done this incorrectly, my settings are this: In the Port Mapping Assistant on the router’s control panel, I have the following settings:

Public TCP Port(s): 21
Private IP Address: 10.0.1.8 (the local address of my Drobo)
Private TCP Port(s): 21

*Note that the two other fields, Public UDP Port(s) and Private UDP Port(s), are left blank.

From WITHIN my network, if I navigate my web browser to the following address, I am given access to the root directory of my Drobo:

ftp://[default Drobo ftp username]:[default Drobo ftp password]@[my router’s IP address]:21/

*Default username and password as specified on the Pure-FTPd DroboApp page

When I navigate a web browser on a computer OUTSIDE my network to the very same address, I get the following message:

“Sorry, the operation could not be completed because an unexpected error occurred. [Error code -50]”

This message is displayed after the browser seems to be tying to make the connection.

If anyone has any ideas about what to do or what I’m doing wrong, as I said I would appreciate it tremendously. As you can see I’m a bit of a novice with these things but I’m trying everything I can to figure it out.

Thanks in advance for all your help,

CB

In which network is your Drobo physically located? Would it be, by any chance, an university network?

My experience has been that most non-ISP (and some bad ISP) networks actively block incoming connections to traditional internet applications such as FTP.

There are several reasons for them to do that, but usually the one they give is about security. Technically, they are right, in practice they are just being greedy b*******.

The problem, you see, is that FTP has no encryption. Therefore, all your traffic comes in and goes out in the clear, meaning anyone sitting on a wireless lan with you (say, at Starbucks), could grab your login, password and all the traffic going back and forth.

If that is not bad enough, there are people constantly scanning the web for servers running at their default ports. I had private webserver running at port 80 with basic authentication, and boy oh boy, my log files would grow to several MB due to scanners trying to brute-force the password.

My advice to you is to change the FTP port from 21 to something else, say 21021. This way you get less visibility from scanners, and you might bypass simple firewall rules from your ISP.

In any case, you might want to try this connection tester: ShieldsUP!. Go there from your home network. Normally you would want all the ports to be closed, but in this case make sure that port 21 (or whatever you are using) shows up as open.

Hi Ricardo,

Thanks so much for your response. In answer to your first question, no–I am not on a university network. I am on my personal home network, which is ver simply setup as a cable modem to my router and then my router to my Drobo and my Mac. I have been in touch with my ISP and according to them at least, they do not block any incoming connections, including to FTP.

Do the settings I have listed above for my port forwarding make sense (even if we forget for the moment about security, which I will address once I can confirm that I am able to access the Drobo remotely)? Those settings being these, and keeping in mind that I have not put anything in the UDP fields?:

Public TCP Port(s): 21
Private IP Address: 10.0.1.8 (the local address of my Drobo)
Private TCP Port(s): 21

Or maybe is there something wrong with the construction of the FTP address that I am trying to connect remotely with?

I am also not at all wedded to FTP as the solution for my remote access. If there is another, easier and/or more secure method that you could recommend, that would be fantastic.

And as for the ShieldsUP! tester: I followed the link from my home network, but given my limited level of literacy, I’m not sure what to be looking for on that site.

Thank you again for your help, and do let me know if other thoughts or ideas come to mind,

CB

Have you clicked the “Proceed” button?

You need both ports 21 and 22 for active FTP. One is the control and the other is the data connection.

If you use passive FTP, then you need to use what’s commonly termed Port Triggering on your router in order for the server to initiate and open a custom port.

Personally I’d start with active FTP first as it’s one less variable involved.

After you get active FTP working you can try to reconfigure for passive FTP if you wish.

Active FTP vs Passive FTP

[quote=“bhiga, post:5, topic:2248”]
You need both ports 21 and 22 for active FTP.[/quote]

I forward ports 20 & 21.

20 for data, 21 for command.

http://slacksite.com/other/ftp.html

[quote=“bhiga, post:5, topic:2248”]
You need both ports 21 and 22 for active FTP.[/quote]

I forward ports 20 & 21.

20 for data, 21 for command.

22 is SSH (I think).

http://slacksite.com/other/ftp.html

22 is SSH.

[quote=“lonetreejim, post:7, topic:2248”]

Sorry typoed - you are correct, it’s 20 and 21, and 22 is SSH. :slight_smile: