Error: The data connection could not be established: ECONNREFUSED - Connection refused by server

When connecting to internet address in the FTP client we get an error
Error: The data connection could not be established: ECONNREFUSED - Connection refused by server

When connecting through same client to FTP server error does not occur (When connecting through local LAN’s clients)

Window Firewall is off.

Tried with changing ports.

We have two server running fine .So network configuration is done proper.

Error log is :

Status: Connecting to 117.247.9.3:2555...
Status: Connection established, waiting for welcome message...
Response:   220-FileZilla Server version 0.9.40 beta
Response:   220-written by Tim Kosse ([email protected])
Response:   220 Please visit http://sourceforge.net/projects/filezilla/
Command:    USER ++++
Response:   331 Password required for ++++
Command:    PASS ******
Response:   230 Logged on
Status: Connected
Status: Retrieving directory listing...
Command:    PWD
Response:   257 "/" is current directory.
Command:    TYPE I
Response:   200 Type set to I
Command:    PASV
Response:   227 Entering Passive Mode (192,168,1,78,5,245)
Status: Server sent passive reply with unroutable address. Using server address instead.
Command:    MLSD
Error:  The data connection could not be established: ECONNREFUSED - Connection refused by server
Response:   425 Can't open data connection.
Error:  Failed to retrieve directory listing


Status: Connecting to 117.247.9.3:2555...
Status: Connection established, waiting for welcome message...
Response:   220-FileZilla Server version 0.9.40 beta
Response:   220-written by Tim Kosse ([email protected])
Response:   220 Please visit http://sourceforge.net/projects/filezilla/
Command:    USER ++++
Response:   331 Password required for ++++
Command:    PASS ******
Response:   230 Logged on
Status: Connected
Status: Retrieving directory listing...
Command:    PWD
Response:   257 "/" is current directory.
Command:    TYPE I
Response:   200 Type set to I
Command:    PASV
Response:   227 Entering Passive Mode (192,168,1,78,5,255)
Status: Server sent passive reply with unroutable address. Using server address instead.
Command:    MLSD
Error:  The data connection could not be established: ECONNREFUSED - Connection refused by server
Response:   425 Can't open data connection.
Error:  Failed to retrieve directory listing

Response: 227 Entering Passive Mode (192,168,1,78,5,245)
Status: Server sent passive reply with unroutable address. Using server address instead.

It looks like the server is inside a private network, that is behind a router/firewall. But you access the server from outside the private network. Unless the router/firewall has special helpers to deal with this situation and to rewrite the traffic this will not work with passive mode. Given the above response from the server received by the client you have no such router/firewall.

In this case you would have to need active mode. But, if both client and server are behind such a router/firewall and are in different networks even active mode will not work.


Response:   227 Entering Passive Mode (192,168,1,78,5,245)
Status: Server sent passive reply with unroutable address. Using server address instead.
Command:    MLSD
Error:  The data connection could not be established: ECONNREFUSED - Connection refused by server
Response:   425 Can't open data connection.
Error:  Failed to retrieve directory listing

I. You are using Passive mode to connect to server. Passive mode connect to server, it will open a random port above 1023. So if you are using iptables on the server, you need do 2 things:

  1. Edit iptables config file. Append 2 rows:

    -A INPUT -m state --state NEW -m tcp -p tcp --dport 20:21 -j ACCEPT
    -A INPUT -m state --state NEW -m tcp -p tcp --dport 10000:10100 -j ACCEPT
    
  2. Edit /etc/vsftpd/vsftpd.conf. Append these lines:

    pasv_enable=YES
    pasv_max_port=10100
    pasv_min_port=10000
    port_enable=YES
    pasv_address=158.199.195.249
    

II. Easier way to fix.

Go to FileZilla -> Settings -> FTP -> Switch "Passive mode" to "Active"