Unable to access vsftpd from public ip

Solution 1:

From your networking setup your problem might be that of hairpin NAT

Additionally you seem to try and negotiate a TLS connection with the AUTTH TLS command but you have don't any references to enable TLS support in your vsftpd.conf

Although for a different FTP server also read this answer on the potential issues with FTP over TLS and NAT.

Solution 2:

I finally resolved this by enabling ssl and commenting few lines in my vsftpd.conf for allowing system users instead of the ones defined using pam.d.

I can now access sftp (and I have a strong doubt that my ISP is blocking access on 21, Any how it gave me more secure access), From outside network with the following /etc/vsftpd.conf

listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
local_root=/var/www
chroot_local_user=YES
allow_writeable_chroot=YES
hide_ids=YES

#virutal user settings
user_config_dir=/etc/vsftpd_user_conf
#guest_enable=YES
virtual_use_local_privs=YES
#pam_service_name=vsftpd
#nopriv_user=vsftpd
#guest_username=vsftpd

rsa_cert_file=/etc/ssl/private/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.pem

ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES

ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO

require_ssl_reuse=NO
ssl_ciphers=HIGH

start on (filesystem
        and net-device-up IFACE!=lo)

Hope, it helps any one who encounter the same in future.