Disclaimer: This article may contain information about third-party products. Such information is for reference only. Alibaba Cloud does not make any guarantee, express or implied, with respect to the performance and reliability of third-party products, as well as potential impacts of operations on the products.
Problem description
After you purchase an ECS instance, you have configured an FTP server in the system. However, when the FTP transfer fails, the client prompts "425 Security:Bad IP connection".
Cause
The FTP service has two connections, one is a control connection, and the other is a data connection. By default, the FTP server checks whether the source IP addresses of two connections are the same during data transmission. If they are not, a "425 Security:Bad IP connection" error is reported. This issue is often caused by the clients in the NAT network, and the public IP address associated with the NAT is more than one, resulting in two connections, the source IP is inconsistent.
Solution
Disable the IP address security check in the passive mode as follows:
- Run the following command to edit the FTP configuration file:
vi /etc/vsftpd/vsftpd.conf
- Add the following content to the configuration file.
pasv_promiscuous=yes
- After saving and exiting, run the following command to restart the FTP service.
service vsftpd restart
Application scope
- ECS