Topic: FTP [Comments: 25]
civey

Tue, 02/08/2011 - 06:02 | FTP

I have TFTP working on the Thirdlane but as everyone knows Polycoms and TFTP do not play nice.
Last night we tried to get FTP working and to test we logged in with a laptop but the system would just kick us out.

Is there something we need to do special to make FTP work on the server?

eeman

Tue, 02/08/2011 - 14:43 | is this an older install? or

is this an older install? or did you roll your own?

Erik Smith
CTO
BluegrassNet Voice
dCAP
Thirdlane Support by BluegrassNet Voice
eeman at bluegrassnetvoice dot com

civey

Tue, 02/08/2011 - 14:45 | ISO installed on October of last year

ISO installed around October 2010 and then upgraded to 6.1.1.7.
I was wondering what it takes to get the FTP working because it does not look to be running by default.

Thanks

eeman

Tue, 02/08/2011 - 14:56 | do you have a /home/PlcmSpIp

do you have a /home/PlcmSpIp directory?

Erik Smith
CTO
BluegrassNet Voice
dCAP
Thirdlane Support by BluegrassNet Voice
eeman at bluegrassnetvoice dot com

civey

Tue, 02/08/2011 - 14:59 | Yes

Yes, I have that directory and I was under the impression that FTP/TFTP/HTTP all point to that directory.
The only one that will pull files is TFTP. Are we supposed to pick an FTP client to install and configure?
If so, how do we go about doing this?
I looked at ProFTPD in Webmin and it says

The ProFTPD server /usr/sbin/proftpd could not be found on your system. Maybe it is not installed, or your module configuration is incorrect.

The ProFTPd package can be automatically installed by Webmin. Click here to have it downloaded and installed using YUM.

So does this mean I need to figure out how to configure it?

Thanks

eeman

Tue, 02/08/2011 - 15:09 | you should have vsftpd

you should have vsftpd running, and you should have a user in your /etc/passwd file named PlcmSpIp. If you installed from ISO then all this is already running. When you connected via FTP did you use the user/pass of PlcmSpIp for both user and pass?

Erik Smith
CTO
BluegrassNet Voice
dCAP
Thirdlane Support by BluegrassNet Voice
eeman at bluegrassnetvoice dot com

civey

Tue, 02/08/2011 - 15:20 | vsftpd

vsftpd is running and it looks like the username and password are PlcmSpIp, but when I try to log in it will just kick me out and tell me I don't have rights?

It says an error occurred when trying to open that folder....

Ideas?

eeman

Tue, 02/08/2011 - 15:44 | [root@eeman ~]# ls -ld

[root@eeman ~]# ls -ld /home/PlcmSpIp
drwx--x--x 8 root root 4096 Jan 28 12:56 /home/PlcmSpIp


civey

Tue, 02/08/2011 - 15:25 | vsftpd

PlcmSpIp is the user and does exist in the /etc/passwd file:

PlcmSpIp:x:500:500::/home/PlcmSpIp:/sbin/nologin

Even adjusted to

PlcmSpIp:x:503:503::/home/PlcmSpIp:/bin/bash

I still can't list the directory? But I can now login via SSH:

[PlcmSpIp@mylogin ~]$ dir
dir: .: Permission denied
[PlcmSpIp@mylogin ~]$

Even if it's changed to a

We have been using PlcmSpIp as the password

No matter what we change it will not connect completely... it ends in a data socket connection error

Iptables is temporarily turned off right now, we are using vsftpd

civey

Tue, 02/08/2011 - 15:33 | vsftpd

[root@mylogin vsftpd]# ls -ld /home/PlcmSpIp
drwxr-x--x 8 root root 12288 Feb 8 00:08 /home/PlcmSpIp
[root@mylogin vsftpd]#

I even just adjusted vsftpd.conf with

pasv_address=ipofthePBX

and nothing after vsftpd restart

eeman

Tue, 02/08/2011 - 15:36 | you aren't supposed to be

you aren't supposed to be able to list the directory, that's part of the security.

what you should be able to do,

be able to login via FTP
be able to issue a GET command for a specific file name.


eeman

Tue, 02/08/2011 - 15:42 | your permissions for the

your permissions for the directory are good.


eeman

Tue, 02/08/2011 - 15:47 | make sure you change your

make sure you change your shell back to /sbin/nologin .. otherwise there will be attempts to hack your server via ssh.


civey

Tue, 02/08/2011 - 15:53 | Get works

Get Works...
Trying to use it like normal FTP..
Testing now with a Polycom.

Thanks EEMAN for the help.

civey

Tue, 02/08/2011 - 16:31 | It looks to be working now

It looks to be working now but it keeps failing saying application not present.

eeman

Tue, 02/08/2011 - 16:32 | By removing the read

Removing the read permission from the directory prevents someone from using an FTP client to log in, search the directory, find those mac-registration.cfg files, download them and acquire your login credentials. This was also a vulnerability of previous HTTP installations where directory indexing was enabled. The behavior now mimics TFTP, where the filename must be known. This makes remote tampering much more difficult because the hacker would have to be able to use a packet capture utility to sniff not only the user/pass but also the GET requests to FTP.

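
An added example (not from this thread or Thirdlane) that checks the two things described above: the /home/PlcmSpIp directory is searchable but not listable or writable by the phone account, and the PlcmSpIp account keeps a non-interactive shell. The mode values in the comments are assumed for illustration.

```python
import os
import pwd
import stat

# Provisioning directory and account named in the thread.
PROV_DIR = "/home/PlcmSpIp"
PROV_USER = "PlcmSpIp"
NOLOGIN_SHELLS = ("/sbin/nologin", "/usr/sbin/nologin", "/bin/false")

def audit_dir_mode(mode):
    """Return findings for a provisioning directory mode (e.g. 0o711).

    The directory is root-owned, so the phone account falls under the
    'other' bits: it needs x (traverse) to GET a known filename, but must
    not have r (listing the *.cfg files) or w (replacing them)."""
    findings = []
    perm = stat.S_IMODE(mode)
    if not perm & stat.S_IXOTH:
        findings.append("others lack execute: phones cannot GET any file")
    if perm & stat.S_IROTH:
        findings.append("others can read: an FTP client can list the *.cfg files")
    if perm & stat.S_IWOTH:
        findings.append("others can write: provisioning files can be replaced")
    return findings

def audit_account(shell):
    """The FTP-only account must not be usable for interactive SSH logins."""
    return [] if shell in NOLOGIN_SHELLS else [f"shell {shell} permits SSH logins"]

def audit_live():
    """Check the real directory and passwd entry on a Linux host."""
    findings = audit_dir_mode(os.stat(PROV_DIR).st_mode)
    findings += audit_account(pwd.getpwnam(PROV_USER).pw_shell)
    return findings

if __name__ == "__main__":
    for finding in audit_live():   # prints nothing when the setup matches the thread
        print("WARN:", finding)
```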

eeman

Tue, 02/08/2011 - 16:34 | application not present means

application not present means you have not installed the bootrom and sip software..

go fetch both the bootrom and sip software, stay away from the 3.3.x release use the 3.2.x release.

put them somewhere, like in my example /usr/src/polycom

cd /home/PlcmSpIp
unzip /usr/src/polycom/spip_ssip_vvx_BootROM_4_2_0_release_sig.zip
unzip /usr/src/polycom/spip_ssip_vvx_3_2_1_release_sig_split.zip


civey

Tue, 02/08/2011 - 16:56 | Thanks EEMAN

Thanks EEMAN - sip.ld is not there

downloading now.

civey

Tue, 02/08/2011 - 20:08 | OK

I have unzipped in the /home/PlcmSpIp folder.
I can run a tcpdump -n -i eth0 -vvv port ftp from the cli and see the phone hitting the box but after this runs for about 2 to 3 min it will say on the phone could not contact boot server and then it will tell me application is not present.

Any Ideas?

civey

Tue, 02/08/2011 - 21:12 | Got a weird one for you

I changed it back to TFTP and it downloaded the application but it will not download in FTP mode?

I watch it and it does hit the FTP server but it just bombs.

I think it is weird that it will download the files in TFTP because the folder is the same.

eeman

Wed, 02/09/2011 - 01:49 | what does your

what does your /var/log/xferlog say? it's possible you changed something in vsftpd.conf?


civey

Wed, 02/09/2011 - 02:24 | xferlog

Tue Feb 8 15:40:16 2011 1 127.0.0.1 1822 /0004f22b0df0.cfg b _ o r PlcmSpIp ftp 0 * c
Tue Feb 8 21:38:51 2011 3 208.210.197.234 634324 /2345-12360-001.bootrom.ld a _ o r PlcmSpIp ftp 0 * c
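An added example (not from this thread) that parses xferlog lines in the format shown above and flags what a defender cares about given the earlier discussion: uploads to the provisioning directory, and per-phone MAC-named config files fetched from addresses outside the expected ranges. The sample log and the 198.51.100.77 address are constructed; the allowed networks are assumptions.

```python
import ipaddress
import re
from collections import namedtuple

# One xferlog record: date, seconds taken, client host, bytes, path,
# direction ('o' = download from server, 'i' = upload), user, completed?
Xfer = namedtuple("Xfer", "when secs host size path direction user complete")

# Polycom per-phone files are named by MAC address (e.g. /0004f22b0df0.cfg)
# and carry the registration credentials, so their downloads matter most.
MAC_FILE = re.compile(r"^/?[0-9a-fA-F]{12}[^/]*\.(cfg|xml)$")

def parse_xferlog_line(line):
    """Parse one wu-ftpd/vsftpd style xferlog line; return None if malformed."""
    f = line.split()
    if len(f) < 18:
        return None
    return Xfer(when=" ".join(f[0:5]), secs=int(f[5]), host=f[6], size=int(f[7]),
                path=f[8], direction=f[11], user=f[13], complete=(f[17] == "c"))

def audit_xferlog(lines, allowed_nets, prov_user="PlcmSpIp"):
    """Return alert strings for transfers that deviate from phone provisioning."""
    nets = [ipaddress.ip_network(n) for n in allowed_nets]
    alerts = []
    for line in lines:
        x = parse_xferlog_line(line)
        if x is None:
            continue
        try:
            addr = ipaddress.ip_address(x.host)
        except ValueError:          # hostname logged instead of an IP
            addr = None
        if x.direction != "o":
            alerts.append(f"{x.when}: upload of {x.path} from {x.host} as {x.user}")
        if x.user == prov_user and MAC_FILE.match(x.path) and \
                (addr is None or not any(addr in n for n in nets)):
            alerts.append(f"{x.when}: per-phone file {x.path} fetched from {x.host} outside allowed ranges")
    return alerts

# Constructed sample in the same format as the thread's xferlog excerpt.
SAMPLE_LOG = """\
Tue Feb  8 15:40:16 2011 1 127.0.0.1 1822 /0004f22b0df0.cfg b _ o r PlcmSpIp ftp 0 * c
Tue Feb  8 21:38:51 2011 3 208.210.197.234 634324 /2345-12360-001.bootrom.ld a _ o r PlcmSpIp ftp 0 * c
Wed Feb  9 03:12:07 2011 1 198.51.100.77 1822 /0004f22b0df0.cfg b _ o r PlcmSpIp ftp 0 * c
Wed Feb  9 03:13:41 2011 1 198.51.100.77 512 /0004f22b0df0.cfg b _ i r PlcmSpIp ftp 0 * c
""".splitlines()

if __name__ == "__main__":
    for alert in audit_xferlog(SAMPLE_LOG, ["127.0.0.0/8", "208.210.197.0/24"]):
        print("ALERT:", alert)
```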

civey

Wed, 02/09/2011 - 14:15 | Any Ideas on this EEMAN

EEMAN, do you have any ideas where I should look? The phone will work no problem with TFTP.

Very Strange

civey

Wed, 02/09/2011 - 16:19 | Router

Opened the Cisco router in front of the Thirdlane box and it works.
We are looking at the ports and it looks like it needs random ports opened in order to complete the connection.

How do we leave the router in place but open the ports for FTP to work?

eeman

Wed, 02/09/2011 - 16:54 | If by router you mean pix

If by router you mean a PIX firewall, this is an unnecessary addition because CentOS already has a good firewall running in the MTE distribution. If you want to continue to use the PIX firewall you will need to find out from that vendor how to enable an FTP server using PASSIVE mode FTP from behind the firewall. Passive mode dynamically picks a port from 1025-16550 for transfer. Linux firewalls use a 'helper module' that tracks FTP port 21 connections, and if there is a connection considered ESTABLISHED, then the ESTABLISHED,RELATED firewall rule will allow additional traffic (i.e. the passive data port) to occur.

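
An added example (not from this thread or Thirdlane) for the passive-mode point above: it parses a vsftpd.conf, checks that the passive data-port range is pinned with pasv_min_port/pasv_max_port (so an upstream firewall can be told exactly which ports to open instead of "random" ones), and prints the matching host-firewall rules. The sample config, its port range and 203.0.113.10 are constructed placeholders; the iptables/conntrack lines are the usual stateful-FTP rules, not something the thread shows.

```python
def parse_vsftpd_conf(text):
    """Parse vsftpd.conf 'key=value' lines into a dict (comments ignored)."""
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, _, value = line.partition("=")
        conf[key.strip()] = value.strip()
    return conf

def passive_range(conf):
    """Return (min, max) of the pinned passive range, or None if not pinned."""
    try:
        lo, hi = int(conf.get("pasv_min_port", 0)), int(conf.get("pasv_max_port", 0))
    except ValueError:
        return None
    return (lo, hi) if 0 < lo <= hi else None

def check_passive(conf):
    """Problems that stop passive FTP from working through an outer firewall."""
    problems = []
    if conf.get("pasv_enable", "YES").upper() != "YES":   # vsftpd default is YES
        problems.append("pasv_enable is not YES: phones cannot open a data connection")
    if passive_range(conf) is None:
        problems.append("pasv_min_port/pasv_max_port not pinned: data ports are unpredictable")
    if "pasv_address" not in conf:
        problems.append("pasv_address unset: if the server is NATed, remote phones are told its inside address")
    return problems

def firewall_rules(conf):
    """Host-firewall commands matching the pinned range (control port, helper, data range)."""
    rng = passive_range(conf)
    if rng is None:
        raise ValueError("pin pasv_min_port/pasv_max_port first")
    return ["modprobe nf_conntrack_ftp",   # ip_conntrack_ftp on CentOS 5 era kernels
            "iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT",
            "iptables -A INPUT -p tcp --dport 21 -j ACCEPT",
            f"iptables -A INPUT -p tcp --dport {rng[0]}:{rng[1]} -j ACCEPT"]

# Constructed vsftpd.conf fragment; range and address are placeholders.
SAMPLE_CONF = "# provisioning server\nanonymous_enable=NO\npasv_enable=YES\n" \
              "pasv_min_port=30000\npasv_max_port=30100\npasv_address=203.0.113.10\n"

if __name__ == "__main__":
    conf = parse_vsftpd_conf(SAMPLE_CONF)
    print("\n".join(check_passive(conf) or firewall_rules(conf)))
```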

civey

Thu, 02/10/2011 - 13:50 | Thanks EEMAN

EEMAN

Thanks for the insight on this.

We were able to program the passive ports on the router and all is good now.