I'm having problems with FTP over TLS. Right now I'm using Pure-FTPd 1.0.22. Within my network, 1xx.xxx.xxx.0/24, I can use both FTP and FTPES connections with any problems. However, outside, I can only use FTP. PF is turned off.

My config file is the same as default, with the exception of TLS set to 1 (accept both traditional and encrypted sessions).

I'm suspecting that there's a problem with the hardware firewall before the router, but I'm not sure.

When I use telnet and type AUTH TLS, I get the reply 500 Command Not Understood.

I'm suspecting that there's a problem with the hardware firewall before the router, but I'm not sure.

Well, might as well eliminate or confirm that possibility.

%grep -i ftps /etc/services
ftps-data 989/tcp # ftp protocol, data, over TLS/SSL
ftps-data 989/udp
ftps 990/tcp # ftp protocol, control, over TLS/SSL
ftps 990/udp

Try a port scan to see if tcp 989 / 990 are open to you.

nc -zvw 1 ftp.server.here 990

What output does that give you? (Check the data port too.)

sockstat -4 | grep ftp

root pure-ftpd 766 4 tcp4 *:21 *:*


The encrypted session doesn't seem to use port 989 and 990. It goes over port 21 as well.

You need to use ftps aware client such as lftp or ftp/ftp-tls/ or winscp or http://fireftp.mozdev.org/

I am using FileZilla. FTPES works within my network, but when I try it from home, it fails. The firewall rules have been set to pass all traffic.