What's new

Running an FTP/FTPS on Merlin firmware Recommendations

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Makaveli

Very Senior Member
Hello all,

I have an FTP setup on Merlin and everything is working fine but looking to see what are the best recommendations when setting one up. And maybe this post maybe useful for someone considering it. Also want to touch on FTP / FTPS.

I'm currently using FileZilla Server to run the FTP.



My setup in the firmware is this.




So first question is Port Forwarding the a choice then Port Trigger?

Now onto FTPS

If I enable it are the x.590 certificate a requirement?

Also based on the 990 default port does that require another port forward?

 
Last edited:
I like that you are using DU meter I haven't used that app in like 10+ years, I may readd it to my list of utilities installed.

LOL Guilty as charged. Once you are up around the 60 y.o. mark the chase for the latest and greatest eases off and the appreciation for the tried, true and working is enhanced. That said, show me something better and I’m still all over it hence my recent discovery and adoption of RMerlin. :)
 
These days I just use the task manager since it doesn't require me to install anything.

 
These days I just use the task manager since it doesn't require me to install anything.


I use DUMeter mostly for the network traffic totals and review data in bound and out bound to get an idea of anything odd that might be going on.
 
Hi.
I use filezilla behind a router too, but I don't have a fixed IP and I need to use a DDNS.
I have a problem with passive FTP. The server needs to know my WAN IP for the PASV reply. There are two options in filezilla:
- Ask the DNS (router) for the IP of DDNS name. This doesn't work because the router replies with local address of the server.
- Ask a remote web server that sends back the IP address of the incomming connection.

Is there any method to get the WAN IP from Merlin fw as the sole content of a web page?
 
You mean filezilla's server?
Yes.

My server would depend on theirs.
You're dependent on their servers for software updates anyway. Likewise you're dependent on your DDNS provider for associating your dynamic IP address.

But to answer your original question; no, there isn't a router URL that just returns the WAN IP address. Maybe your DDNS provider has a suitable URL you could use?
 
Hi.
I use filezilla behind a router too, but I don't have a fixed IP and I need to use a DDNS.
I have a problem with passive FTP. The server needs to know my WAN IP for the PASV reply. There are two options in filezilla:
- Ask the DNS (router) for the IP of DDNS name. This doesn't work because the router replies with local address of the server.
- Ask a remote web server that sends back the IP address of the incomming connection.

Is there any method to get the WAN IP from Merlin fw as the sole content of a web page?

I was just checking this and I am able to recreate your issue.

The server has been configured to use the DDNS instead of IP.



If I go to https://ftptest.net and test it.

 
The server has been configured to use the DDNS instead of IP.
The main problem the OP was having was that the router's DNS server was returning the router's internal IP address instead of the external IP address when querying his DDNS name. That doesn't appear to be a problem for you because I'm assuming that's why you blanked out the IP address in the second line of your test log image.


If I go to https://ftptest.net and test it.

I don't find this (PASV returning a private address) to be a problem because all the clients I use are aware of the problems with NAT and work around it. Filezilla client for example:
Code:
Command:    PASV
Response:   227 Entering Passive Mode (192,168,1,10,215,35).
Status:     Server sent passive reply with unroutable address. Using server address instead.
Trace:       Reply: 192.168.1.10, peer: 80.xx.yy.zz
 
Last edited:
Hi.
The main problem the OP was having was that the router's DNS server was returning the router's internal IP address instead of the external IP address when querying his DDNS name. That doesn't appear to be a problem for you because I'm assuming that's why you blanked out the IP address in the second line of your test log image.



I don't find this (PASV returning a private address) to be a problem because all the clients I use are aware of the problems with NAT and work around it. Filezilla client for example:
Code:
Command:    PASV
Response:   227 Entering Passive Mode (192,168,1,10,215,35).
Status:     Server sent passive reply with unroutable address. Using server address instead.
Trace:       Reply: 192.168.1.10, peer: 80.xx.yy.zz

I have a problem with passive FTP. The server needs to know my WAN IP for the PASV reply. There are two options in filezilla:
- Ask the DNS (router) for the IP of DDNS name. This doesn't work because the router replies with local address of the server.
- Ask a remote web server that sends back the IP address of the incomming connection.

Is there any method to get the WAN IP from Merlin fw as the sole content of a web page?

You are correct I see my mistake.

And yes after testing in the filezilla client I get in without the error from the test site.
 
Last edited:

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top