I installed dietpi in a RPi3b+ as a centralized storage solution and NAS. All is well when working inside the network, but when I switch to an outside network, every connection is refused.
This is exclusive to the dietpi device. If I start ssh service in Odroid C2, running CoreELEC, I can connect to it immediately. Any service I try to connect in Dietpi returns an error 1005 connection refused. Ports are open to both devices. Also, I tried to stop Fail2ban and nothing changed.
What am I missing?
Cheers
Edit: I forgot to mention this is exclusive to ssh, ftp or any file sharing function. I can access Webmin or Medusa over the internet without issues.
Are you connecting the Pi on a different network and you get the connection refusal, or is it connected to the same network and you are trying to connect from the internet?
The Pi is always connected to the same network. Any device outside the network is rejected, even if that device is connecting inside the network. The issue happens with or without ddns and fail2ban.
FTP is not built to be secure. It is generally considered to be an insecure protocol because it relies on clear-text usernames and passwords for authentication and does not use encryption. Data sent via FTP is vulnerable to sniffing, spoofing, and brute force attacks, among other basic attack methods.
You’re missing the question. I understand my options, but I can only connect to them while connected to my network. Once I disconnect from my network and start working on 4G or any other network, I can’t access any file sharing service. Ports are open, the services are running, I can even connect to a few of them over the internet (E.g. Webmin), but FTP, SMB and such always return “Error 1005 Refused Connection”.
can you check iptables -L -n if there is anything setup. Next to this, I know there are internet router on the marke who block access on SMB as well as FTP port for security reasons, even if you try to forward.
Keep in mind that FTP is a multi port protocol. Even if you have forwarded tcp 21 on the router, it is not enough to transfer files.
If SSH is working fine, I think the easiest for you would be to install openssh-sftp and use that for file transfer. On the plus side you’ll get the encryption, which FTP doesn’t have. But on the other hand you need to make sure that SSH is properly hardened (no root login, no password authentication, setup ssh keys, non standard port, maybe port knocking).
Sorry about the delay. Over the last week, somehow I got SMB to work when trying to reinstall the application once more, but the communication is excrutiatingly slow. I’m starting to suspect these issues are related to the ISP router limitations.
Hi. I set up wireguard and nothing changed. After fumbling around, I tried setting up an omv and everything works fine (except docker can’t handle network volumes), so the problem must be something I messed up. I’ll just scrub the whole thing and start over.