When vCenter attempts to perform backups over FTPS to a server running vsftpd with TLS 1.3 enabled, the process may fail sporadically. These failures are inconsistent and may not follow a predictable pattern, making troubleshooting more complex.
Although vsftpd logs may report errors such as "426 Failure reading network stream", these messages do not necessarily indicate a true network issue. According to "FTPS file transfers randomly fail", the underlying problem stems from a bug in the FTP client's handling of TLS 1.3. Specifically, the client may prematurely close the TCP socket while data remains in the receive buffer. This results in RST (Reset) packets being sent to the server instead of proper FIN (Finish) packets, abruptly terminating the transfer and triggering the error. Additionally, any device or service that modifies or inspects TLS 1.3 traffic in transit (such as firewalls, intrusion detection systems, or deep packet inspection tools) can also contribute to this behavior. These intermediaries may interfere with the integrity of the TLS session, leading to similar premature connection closures and failed transfers.
Disable TLS 1.3 on vsftpd by editing the file /etc/vsftpd/vsftpd.conf and adding or modifying the line with the following content: ssl_tlsv1_3=NO
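The following script is an added example, not part of the original article: it applies the ssl_tlsv1_3=NO change idempotently and then checks that turning TLS 1.3 off has not left the server without TLS 1.2 or with a legacy protocol switched on. It assumes that the last active occurrence of a key in vsftpd.conf wins and that the build uses the other protocol switches named in the code (ssl_tlsv1_2, ssl_tlsv1_1, ssl_tlsv1, ssl_sslv3, ssl_sslv2); the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original article). Assumptions: the last active
# KEY=value line wins, and the build has the protocol switches named below.
# Usage after sourcing: disable_tls13 /etc/vsftpd/vsftpd.conf &&
#                       check_tls_conf /etc/vsftpd/vsftpd.conf

# conf_value FILE KEY: print the last active KEY=value, upper-cased ("" if unset).
conf_value() {
    awk -F= -v k="$2" '$1 == k { v = $2 } END { print toupper(v) }' "$1" | tr -d '\r '
}

# disable_tls13 FILE: leave exactly one active line, ssl_tlsv1_3=NO.
disable_tls13() {
    tmp=$(mktemp) || return 1
    # Copy everything except active ssl_tlsv1_3 lines; commented lines are kept.
    awk '!/^ssl_tlsv1_3=/' "$1" > "$tmp" || { rm -f "$tmp"; return 1; }
    printf 'ssl_tlsv1_3=NO\n' >> "$tmp"
    cat "$tmp" > "$1"      # overwrite in place: keeps owner and mode of the config
    rc=$?
    rm -f "$tmp"
    return $rc
}

# check_tls_conf FILE: return 0 only if TLS 1.3 is off, TLS 1.2 has not been
# switched off, and no legacy protocol has been switched on.
check_tls_conf() {
    bad=0
    case $(conf_value "$1" ssl_tlsv1_3) in
        NO|FALSE|0) ;;
        *) echo "ssl_tlsv1_3 is not disabled"; bad=1 ;;
    esac
    case $(conf_value "$1" ssl_tlsv1_2) in
        NO|FALSE|0) echo "ssl_tlsv1_2 is disabled: no TLS 1.2 left for FTPS"; bad=1 ;;
    esac
    for key in ssl_sslv2 ssl_sslv3 ssl_tlsv1 ssl_tlsv1_1; do
        case $(conf_value "$1" "$key") in
            YES|TRUE|1) echo "$key is enabled: legacy protocol"; bad=1 ;;
        esac
    done
    return $bad
}
```

vsftpd reads its configuration at startup, so the setting takes effect once the service has been restarted.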