Why Does Internet Access to an ECS Deployed with FTP Fail?
Symptom
- You cannot access a Windows ECS with FTP deployed by using an EIP.
- The FTP client cannot access the FTP server, and the connection times out.
- It takes a lot of time to upload files.
Possible Causes
- The security group associated with the target ECS denies inbound traffic.
- The firewall of the ECS blocks the FTP process.
Enabling FTP Firewall Support
To allow a HUAWEI CLOUD server to access an FTP server deployed on an ECS using an EIP, the FTP server must work in passive mode. In this case, enable FTP firewall support.
- Double-click FTP Firewall Support.
- Set parameters and click Apply.
- Data Channel Port Range: specifies the range of ports used for passive connections. The port range is 1025-65535. Configure this parameter based on site requirements.
- External IP Address of Firewall: Enter the public IP address of the ECS.
- Restart the ECS for the firewall configuration to take effect.
Setting the Security Group and Firewall
After deploying FTP, add a rule to the target security group to allow access to the FTP port in the inbound direction.
After enabling FTP firewall support, allow access to the ports used by the FTP site and the data channel ports used by the FTP firewall in the security group.
By default, the firewall allows access to TCP port 21 for FTP. If another port is used, add an inbound rule that allows access to that port on the firewall.
- Log in to the management console.
- Click
in the upper left corner and select your region and project. - Under Compute, click Elastic Cloud Server.
- On the Elastic Cloud Server page, click the name of the target ECS.
The page providing details about the ECS is displayed.
- Click the Security Groups tab and view security group rules.
- Click the security group ID.
The system automatically switches to the Security Group page.
- On the Inbound Rules tab, click Add Rule and configure the access rule for the inbound direction.
Set Source to the IP address segment containing the IP addresses allowed to access the ECS over the Internet.
The valid port range that can be specified in Enabling FTP Firewall Support is 1025-65535. For example, the configured data port range is 5000-6000.
The default source IP address 0.0.0.0/0 indicates that all IP addresses can access ECSs in the security group.
File Upload/Data Transfer FAQs
- How Do I Upload Files to My ECS?
- How Can I Transfer Files from a Local Windows Computer to a Windows ECS?
- How Can I Use OBS to Transfer Files from a Local Windows Computer to a Windows ECS?
- How Can I Use WinSCP to Transfer Files from a Local Windows Computer to a Linux ECS?
- How Can I Transfer Files from a Local Mac to a Windows ECS?
- How Can I Use SCP to Transfer Files Between a Local Linux Computer and a Linux ECS?
- How Can I Use SFTP to Transfer Files Between a Local Linux Computer and a Linux ECS?
- How Can I Use FTP to Transfer Files from a Local Windows Computer to a Windows or Linux ECS?
- How Can I Use FTP to Transfer Files Between a Local Linux Computer and a Linux ECS?
- How Can I Transfer Data Between a Local Computer and a Windows ECS?
- What Should I Do If the Connection Between the Client and the Server Times Out When I Upload a File Using FTP?
- What Should I Do If Writing Data Failed When I Upload a File Using FTP?
- Why Does Internet Access to an ECS Deployed with FTP Fail?
- Why Am I Seeing an FTP Folder Error When I Open a Folder on an FTP Server?
- Why Do I Fail to Connect to a Linux ECS Using WinSCP?
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbotmore
