Opening Ports on AE to allow for outside FTP access to NAS

It is due to forwarding only port 21 but FTP only uses 21 to setup the connection.. it has to open a series of ports for the actual file transfer.

They are listed in your first screen shot.. On most routers the Dlink can open those ports.. on the AE it is failing due to Apple using NAT-PMP and not UPNP amongst others..

Look up the details of how passive ftp opens ports to transfer files and the issues of NAT.

http://slacksite.com/other/ftp.html

Try putting the dlink into the AE DMZ.. which is known as default server in some cases or in this case

Default host.

What is the IP of the AE btw?? is the AE actually the router and you have moved the IP because it is non-standard.. is the Dlink getting IP from the AE??

Either open them via port forwarding..

Or keep just port 21 and stick the Dlink in the Default host.

Only in your case it is 0.199

I cannot put in an IP that is illegal to my IP address system.

All right, I'm having similar issues and the situation is a bit more clear.

Reading this post i noted that you suggested a solution for opening up ftp passive ports.

I will need some clarification on that as well, since when i was using a motorola WLAN modem, everything was running smooth, for years, and now I'm fighting with a supposedly friendly product. (Angry? a bit.)

Anyway, found out that i can connect from outside to my NAS through FTP active mode, when i can also connect when at home through passive mode. You can read more there: https://discussions.apple.com/thread/2689329?answerId=22357691022#22357691022

So, somehow, it works now. I must note that Fetch and iStorage are seamlessly successful in both cases, they seem to auto-detect that they must switch modes by themselves. However Transmit is not successful unless you manually specify that you want to connect through active mode, and Aceplayer absolutely never manages to get through, there is not passive/active option in that software.

I should add that while testing, i had to factory reset the base station, and that the airport utility in 10.8 never managed to fix the blinking orange led. "An error occured". I had to startup an old laptop running 10.6 to set it up again in minutes, after an hour of repeated resets and startups - and despair.

Not sure if it's about firmware or airport utility versions, but the Apple baby-sitter scheme is severely broken this time.

I recommend you go back to default on the AE.. I have seen issues before where moving default IP can cause issues.. if it fails, well it didn't work but it is worth a go.

Is this the latest AC version AE.. if so you cannot go back to 10.6 OS because only Lion or Mountain Lion can support 6.3 utility which is required for the new AC..

I personally have suspicions that opening ports on the v6 utility doesn't work.. and I do always recommend people who run into difficulty as per the post by ddelcourt use v5.. Unfortunately with the latest you are stuck.. v5 utility no longer works.

You may be better simply returning the AE and buy another brand.. Asus make a well regarded AC version wireless router.

Looks like I am not alone afterall.

Yep, gonna get the Asus myself.

I think you commented in another thread.. although Apple do not make FTP available in the TC or AE with attached hard drive.. it is possible the port is used internally. That makes it impossible to use FTP at its usual port of 21.. although you may have better luck on a non-standard port..

They will get around to fixing this I am sure... it is just one of a heap of bugs that need fixing.

Yeah I finally just redid my set up all over again, leaving my TC as my default router, and set the APE(ac) as a bridge.

Worked right away with the TC.

Although I did have some issues trying to reserve DHCP with the mac address of the NAS.

I kind of wish Apple would have an advanced tab that would open a whole configuration of port schemes like Netgear/Asus ect...

I love Apple, but come on!!!

I purchased a new Airport Extreme AC several weeks ago (mostly because I wanted it - and not because I needed it). It has been working great - setup was very quick - and it even copied all of my settings from the TC during the setup process. This is a significant plus - if you have a lot of DHCP reservations and other non-default settings. until I discovered a few days ago that external access to FTP was no longer working - or - at best intermittently working. I had previously been using a 3rd Generation Time Capsule - and FTP was working fine with the TC.

I actually put the TC back in place as the router - and FTP again worked fine by port forwarding Public TCP port 21 to private TCP port 21. External FTP via the Time Capsule works fine - whther or not you are sharing the attached drives (internal as well as USB extrnal drive). I aslo did the same thing with a 2nd Gen Airport Express - and external FTP worked fine. (The Airport Express does not support the connection of a USB drive). The TC, Airport Extreme AC, and Airport Express are all on the latest firnware - 7.6.4.

I tried the Airport Extreme AC - both with a USB drive attached (and with file sharing enabled) and with no USB drive attached (with file sharing disabled). The results were the same as intially - external FTP would at best be flaky - and would hang on every other external connection attempt. It seems that after a restart of the Airport Extreme AC - that external FTP would appear to be reliable for a handful of intial connect attempts - but would soon revert back to the intermittent hang upon external connect.

In all cases - with the Airport Extreme AC - internal FTP would be fine - not so much as even a hiccup.

Also - I should note the FTP server in question - is a D-LINK DNS323 NAS. I tried extenal FTP using 2 other FTP servers - and the results were the same. The problem is not the DNS323 and is definitely the Airport Extreme AC. I suspect that this is a bug - vs a non-supported feature - as it appears that external FTP is allowed on port 21 - and the AC is hiccupping on the port forward on a frequent basis. I think if it were a "limitation" of the AC - then external FTP would simply not function at all.

I have tried the various solutions suggested in this thread - to no avail. Putting the FTP server into the DMZ (default host) resulted in no change in the intermittent connects. Using FTP on an alternate port (port 1027) for both external and internal - resulted in service not available. Using external port 1027 and internal 21 - also results in service not available.

The one solution that works (although not optimal) is to run the FTP Server - (in this case the DNS323) on port 1027 internally - and port forward external TCP 21 to Internal TCP 1027. This allows an external user to type in: ftp myftpserver.mydomain.com - and connect via port 21. The downside of this is that it will not work internally - in that internally you cannot specify ftp myftpserver.mydomain.com - as it results in service unavailble - whereas with port TCP 21 forwarded to TCP 21 - you can use the external domain name - either internally or externally - and both resolve correcdtly. With the TCP 21 -> TCP 1027 - internally you must specify the port number on the ftp command line: ftp myftpserver.mydomain.com 1027 (in Mac - Unix and Linux) but for an internal Windows user - the windows ftp command line does not allow the port number to be specified on the command line - you must either use a script file with the ftp command - or the use must say "ftp" and then at the ftp prompt - type in "open myftpserver.mydomain.com 1027". This is rather painful - but it does get around the intermittent external ftp failure.

The last observation that I wanted to point out is that I have an iPhone Password app (called Keeper). I have used it for a long time - and I back it up by exporting my encrypted datafile to my ftp server. The app does not allow the port number to be specified - but it does allow me to specify active or passive ftp. When the Time Capsule is the router - and external port 21 is forwarded to internal port 21 - the Keeper app exports the file just fine - either using passive or active FTP. But ... with the Airport Extreme AC (even with external port 21 forwarded to internal port 1027) - the keeper app is unable to connect to the FTP server - and simply hangs. When it does not hang - it fails immediately. This is telling me that the Aiport Extreme AC (even with the non-standard port workaround) is not playing nice with all FTP clients.

I am not thrilled about how much time I have had to spend on this. I will contact apple - and most likely file a bug report - but I suspect I will be going back to a non-Airport router - because in the end - it may be the quickest solution.

Hopefully this post will help others. I am pretty confident that this is a "bug" - and not an intentional "We don't support external FTP on port 21" - (with or without an external drive attached to the Airport Extreme AC). I like the product otherwise.

~Scott

I have been trying to go through the posts trying to figure out why the new TC wont access certain websites. I guess the new TCs have bugs as well. I am so used to apple devices working without a hitch that the TC seems like a let down. Certainly not thrilled with the amount of time spent going through the posts trying to figure this out.

Another issue I find is that the speed through the TC is slower than directly connecting to the modem or the older linksys router. To top it off, the TC wont let me connect to sites like speedtest.net. 😟

Thanks for your post, I almost lost a faith in my skills. Workaround does not work for me, however. Serious bug. I have AP Extreme, firmware 7.7.1. I'm ******, because I "upgraded" my router from Netgear to AP just for fun of having another Apple's gadget. No need to add forwarding worked as charm before...

Correction to my previous post. My Airport Extreme AC is on firmware 7.7.1 (and shipped with that version of the firmware). My other airport devices (Airport Express 802.11n (gen 1) and Airport Express 802.11n (gen 2) and Time Capsule (Gen 3) - are all on 7.6.4.

whatisnext: The TC and the AEX-AC should both allow you to run a speed test over wifi and still show that you are getting the max speed available from your ISP. In my case - whether I use the TC or AEX-AC - I still show 57Mbs on the download over wifi - most of the time - and there are some locations in my house where I only show 30Mbs - but they seem to be dead spots - regardless of which Airport device is providing the wifi. My Airport Express 802.11n Gen 2 - will show 57Mbs - but the range and strength of the the 5GHz channel is noticeably weaker than the TC or the AEX-AC. Your Time Capsule may possibly have a weak or unstable wifi signal. Have you done the speed test wired (assuming you have the TC set up as a router)?

aceJacek: I am not understanding the part about "No Need to Add Port forwarding - worked as charm before...". This thread is about problems with port forwarding FTP port 21 - and the inability to do so - or to do so reliably with the Airport Extreme AC. Could you elaborate on your post so that it might be helpful to others?