AWS:EC2:: Could not connect FTP client?

My Server OS: Amazon Linux

I am trying to set up ftp. I have:

  • Installed vsftpd

  • Opened ports 20-21

  • Opened ports 1024-1048

Basically, I followed every one of these steps

  • Started the vsftpd service (the status indicates [ok])

I use FileZilla for my FTP client.

Here is my setting/configuration:

Host: ec2-XX-XX-XXX-XX.compute-1.amazonaws.com

Port: -(blank, but I have tried 20 and 21 though)

Server Type: FTP - File Transfer Protocol

Logon Type: Normal

Username: (tried root and ec2-user)

Transfer mode: Tried passive and active

I always get this error:

Status: Waiting to retry...
Status: Resolving address of ec2-XX-XX-XXX-XX.compute-1.amazonaws.com
Status: Connecting to XX.XX.XXX.XX:21...
Error:  Connection timed out
Error:  Could not connect to server

Have I missed any configuration/settings?

EDIT

After executing /sbin/iptables -L -n

Here is the result:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

You have to enable passive mode in vsftpd, and make it listen to the elastic IP of your instance:

  • pasv_enable=YES
  • pasv_min_port=1024
  • pasv_max_port=1048
  • port_enable=YES
  • pasv_address=Elastic IP

Also, open up ports 1024-1048 in the server's security group, and on your Linux server. Don't forget port 21 as well ;)


If you just want to transfer files between your EC2 instance and your local machine, I don't see a reason you need to install an FTP server. You can either use psftp or FileZilla with your private key to connect to your EC2 instance securely over port 22. This post has step-by-step instructions. http://lzw-programmingjourney.blogspot.com/2011/12/set-up-ftp-server-on-amazon-aws-ec2.html


From the log, it is clear that port 21 is being blocked in some way.

On the server side, you need to check if vsftpd is listening on ALL IP addresses, and check it with the command

netstat -ntlp

After that, port 21 should be open in the Amazon cloud security group, from the desired IP address.

Before initiating any connection to the server, try running an Nmap port scan to see if port 21 is actually open from the client side. To do so, run:

nmap -vv -P0 (server IP address or DNS)