passive Archives

How to allow passive FTP connections in Plesk on Amazon EC2

AWS LogoPassive FTP connections should work out of the box in Plesk. If no other firewall or NAT is interfering with it.

I’ve recently noticed that when I install Plesk on Amazon EC2 every passive FTP connection fails with an error such as “Server sent passive reply with unroutable address. Passive mode failed.”

The reason for this mishap is twofold:

EC2 instances are behind a NAT, and therefore have an internal (unroutable) IP, and an external (public) IP. When a passive connection request comes in, ProFTP – Plesk’s default FTP Server – tells the connecting client its internal private IP address, and in turn quite rightly fails to connect to it.

On top of that, we need to make sure to open a range of ports we want to use for passive FTP connections and tell ProFTP only to use those.

Let’s do all this this step by step!

Read more