• October 21, 2019, 06:28:44 AM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Pages: 1 2 [3]

Author Topic: DNS-323 Firmware 1.08 Unable to connect via ssl/tls  (Read 23149 times)

tfiveash

  • Level 2 Member
  • **
  • Posts: 87
Re: DNS-323 Firmware 1.08 Unable to connect via ssl/tls
« Reply #30 on: July 22, 2010, 10:49:31 PM »

Davss,

I could not agree more.  We have asked over and over for help from D-Link and have heard nothing from them.  Even this thread dates back 5 months and how many D-Link responses do you see.  The sad thing is that they are still selling this product and not supporting it.  We are not asking for the impossible. All we are asking for is for D-Link to fix the laundry list of problems.  The only consolation is that the DNS-321 and DNS-343 are not being helped either.

I am not sure D-Link even has anyone working on our problems.  I have seen no evidence of it. Nor have I seen D-Link even address this issue.  I am about to agree with Gunrunnerjohn and buy a Synology even  though I do not need all that capability.  But at least they support their product and it works.  It has been over a year since we have had a new firmware, even a beta, and I am not including V1.09 which is a joke.

Terry
Logged

nullpointerninja

  • Level 1 Member
  • *
  • Posts: 4
Re: DNS-323 Firmware 1.08 Unable to connect via ssl/tls
« Reply #31 on: July 23, 2010, 04:13:32 PM »

Hello.

Has anyone used Wireshark (or something similar) to really see whether the connection is encrypted or not?

I've sent an e-mail to d-link support and they sent me back a wireshark screenshot showing that the packets are encrypted (they said that the DNS-323 connects via TLS automatically from version 1.06 onwards). I don't know if the packets were captured during the authentication process (which is indeed encrypted) or during file transfer (which FileZilla says is not encrypted).

If no one has tried that, I might give it a shot later tonight.
Logged

liammaps2010

  • Level 2 Member
  • **
  • Posts: 25
Re: DNS-323 Firmware 1.08 Unable to connect via ssl/tls
« Reply #32 on: July 26, 2010, 04:08:48 PM »

Final Status:

Able to connect to DNS-323 server both locally and remotely via FTP over explicit SSL/TSL. *Appears* that my username and password is masked on both connections. Data transfer is what I am not sure about. Seems that the connection switches back to Clear text afterwards. I would have to assume at this point that the server does not support PROT P. I am able to retrieve directory listing successfully both remotely and locally by configuring the ports.

LOCALLY


Status:   Resolving address of unknown.com
Status:   Connecting to xxx.xxx.xxx.xxx:0000...
Status:   Connection established, waiting for welcome message...
Response:   220---------- Welcome to Pure-FTPd [TLS] ----------
Response:   220-You are user number 1 of 5 allowed.
Response:   220-Local time is now 00:29. Server port: 0000.
Response:   220-This server supports FXP transfers
Response:   220 You will be disconnected after 5 minutes of inactivity.
Command:   AUTH TLS
Response:   234 AUTH TLS OK.
Status:   Initializing TLS...
Status:   Verifying certificate...
Command:   USER ME
Status:   TLS/SSL connection established.
Response:   331 User ME OK. Password required
Command:   PASS ******
Response:   230 OK. Current restricted directory is /
Command:   SYST
Response:   215 UNIX Type: L8
Command:   FEAT
Response:   211-Extensions supported:
Response:    EPRT
Response:    IDLE
Response:    MDTM
Response:    SIZE
Response:    REST STREAM
Response:    MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
Response:    MLSD
Response:    ESTP
Response:    PASV
Response:    EPSV
Response:    SPSV
Response:    ESTA
Response:    AUTH TLS
Response:    PBSZ
Response:    PROT
Response:   211 End.
Command:   PBSZ 0
Response:   200 PBSZ=0
Command:   PROT P
Response:   534 Fallback to [C]
Status:   Connected
Status:   Retrieving directory listing...
Command:   CWD /mnt/HD_b2/unknown
Response:   550 Can't change directory to /mnt/HD_b2/unknown: No such file or directory
Command:   PWD
Response:   257 "/" is your current location
Command:   TYPE I
Response:   200 TYPE is now 8-bit binary
Command:   PASV
Response:   227 Entering Passive Mode (xxx,xxx,xxx,xxx,x,xxx)
Status:   Server sent passive reply with unroutable address. Using server address instead.
Command:   MLSD
Response:   150 Accepted data connection
Response:   226-ASCII
Response:   226-Options: -l
Response:   226 1 matches total
Status:   Directory listing successful

REMOTELY

Status:   Resolving address of unknown.com
Status:   Connecting to xxx.xxx.xxx.xxx:0000...
Status:   Connection established, waiting for welcome message...
Response:   220---------- Welcome to Pure-FTPd [TLS] ----------
Response:   220-You are user number 1 of 5 allowed.
Response:   220-Local time is now 00:37. Server port: 0000.
Response:   220-This server supports FXP transfers
Response:   220 You will be disconnected after 5 minutes of inactivity.
Command:   AUTH TLS
Response:   234 AUTH TLS OK.
Status:   Initializing TLS...
Status:   Verifying certificate...
Command:   USER ME
Status:   TLS/SSL connection established.
Response:   331 User ME OK. Password required
Command:   PASS *************
Response:   230 OK. Current restricted directory is /
Command:   SYST
Response:   215 UNIX Type: L8
Command:   FEAT
Response:   211-Extensions supported:
Response:    EPRT
Response:    IDLE
Response:    MDTM
Response:    SIZE
Response:    REST STREAM
Response:    MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
Response:    MLSD
Response:    ESTP
Response:    PASV
Response:    EPSV
Response:    SPSV
Response:    ESTA
Response:    AUTH TLS
Response:    PBSZ
Response:    PROT
Response:   211 End.
Command:   PBSZ 0
Response:   200 PBSZ=0
Command:   PROT P
Response:   534 Fallback to [C]
Status:   Connected
Status:   Retrieving directory listing...
Command:   PWD
Response:   257 "/" is your current location
Command:   TYPE I
Response:   200 TYPE is now 8-bit binary
Command:   PORT xx,xxx,xxx,xxx,x,xxx
Response:   200 PORT command successful
Command:   MLSD
Response:   150 Connecting to port xxxx
Response:   226-ASCII
Response:   226-Options: -l
Response:   226 4 matches total
Status:   Directory listing successful

Can you get a remote ssl/tls connection on firmware 1.09? I can't. I am using filezilla. I can only get an encrypted connection on the local network.
Logged

nullpointerninja

  • Level 1 Member
  • *
  • Posts: 4
Re: DNS-323 Firmware 1.08 Unable to connect via ssl/tls
« Reply #33 on: July 27, 2010, 10:12:45 AM »

I have a question about filezilla. I checked with wireshark and the packets are indeed encrypted (on a local network, haven't tried a remote connection) but filezilla says 534 Fallback to [C] anyway  ??? Why is that? Maybe the connection is encrypted and filezilla thinks it's not  ??? (don't know how that would be possible...)
« Last Edit: July 27, 2010, 02:53:20 PM by nullpointerninja »
Logged
Pages: 1 2 [3]