If you receive an error while restarting IPtables on your virtual machine that includes : raw nat mangle filter [FAILED] or similar, this is a known error with CentOS 5 / CentOS 6 on virtual architectures. You simply need to modify the : /etc/init.d/iptables file.
You’ll be asked to enter the series of questions such as Country, State Code, Email address, Organization name etc. Enter the details one by one. Here is my sample output:
Generating a 1024 bit RSA private key
writing new private key to '/etc/ssl/private/vsftpd.pem'
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [XX]:IN
State or Province Name (full name) :TN
Locality Name (eg, city) [Default City]:Erode
Organization Name (eg, company) [Default Company Ltd]:Unixmen
Organizational Unit Name (eg, section) :Technical
Common Name (eg, your name or your server's hostname) :server1.unixmen.local
Email Address :firstname.lastname@example.org
In the common name field, you can either use hostname or IP address of your vsftpd server.
Open Filezilla from your client system. Go to File -> Site Manager.
In the Site Manager window, select New Site.
Name your new site, or leave it as it is. In my case I name it as My local FTP. Enter the FTP server IP address, and select “Require explicit FTP over TLS” from the Encryption drop down box. In the Logon Type drop downbox, select Ask for password option, and enter your FTP user name. Finally click on the Connect button.
You’ll be asked to enter the ftp user password in the next screen.
Now, you”ll be asked to accept the certificate that is being used to make sure the server can be trusted. In the Certificate window, you may see the list of values which is entered during the certificate generation process. Click Ok to accept the certificate and establish the connection.
That’s it. Now you’ll be able to access your FTP server.
Note: if you keep getting the error “The data connection could not be established: EHOSTUNREACH – No route to host” after enabling SSL/TLS, disable iptables and try again.