我已将 AWS EC2 实例配置为 FTP 服务器(被动模式),并将负载均衡器目标组附加到实例。负载均衡器侦听器端口为 21。我面临的问题是,我的蜂窝设备无法与 FTP 服务器建立数据连接,连接在 PASV 命令后超时,尽管服务器发送了日志中可用的响应。使用 wifi 连接时不会出现这种情况。在我的笔记本电脑上使用 filezilla 时,一切都运行顺利,尽管使用移动热点时会出现一个全新的错误(添加如下)。我已经检查了没有负载均衡器的蜂窝 FTP 连接,它工作正常。
Status: Resolving address of ftp-loadbalancer-b66f394783ab4656.elb.us-east-1.amazonaws.com
Status: Connecting to [64:ff9b::3e5:5d75]:21...
Status: Connection established, waiting for welcome message...
Status: Insecure server, it does not support FTP over TLS.
Status: Logged in
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/"
Command: TYPE I
Response: 200 Switching to Binary mode.
Command: EPSV
Response: 229 Entering Extended Passive Mode (|||43735|).
Command: LIST
Error: Connection timed out after 20 seconds of inactivity
Error: Failed to retrieve directory listing
Status: Disconnected from server
Status: Resolving address of ftp-loadbalancer-b66f394783ab4656.elb.us-east-1.amazonaws.com
Status: Connecting to [64:ff9b::3e5:5d75]:21...
Status: Connection established, waiting for welcome message...
Status: Insecure server, it does not support FTP over TLS.
Status: Logged in
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/"
Command: TYPE I
Response: 200 Switching to Binary mode.
Command: EPSV
Response: 229 Entering Extended Passive Mode (|||42066|).
Command: LIST
Error: Connection timed out after 20 seconds of inactivity
Error: Failed to retrieve directory listing
谢谢
答案1
我假设您的办公室 wifi 有一个 SG(安全组)规则,允许从您的办公室 IP 范围的流量到端口?
使用 whatsmyip.com 找出您的手机来自哪里,然后添加 SG 规则和端口。
使用 nmap 查看是否确实可以访问该端口。我通常总是使用隐秘扫描
nmap -sS (AWS public IP you are going to)
如果您有 AWS 防火墙规则/安全组或 AWS 中的任何防火墙设备,则需要打开以下端口的访问权限:端口:21(用于 FTP)端口:990(用于 FTPS)被动端口范围:50000 – 51000(用于数据传输)