Advertisement

11.02.2007 at 01:35PM PDT, ID: 22935858
[x]
Attachment Details
[x]
The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

  • The Grade of the Solution
  • The Zone Rank of the Expert Providing the Solution
  • The Number of Author and Expert Comments
  • The Number of Experts Contributing
  • The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!
8.2

FileZilla SSL Gets Error: 425 Can't open data connection.

Asked by hazenweber in Secure Socket Layer (SSL) & HTTPS, FTP Servers, Cisco PIX Firewall

Tags: , , , ,

I have a FileZilla 0.9.24 FTP Server sitting behind a Cisco PIX 506 Firewall running 6.3(5) and configure with PAT for Network Address Translation.  When connecting in passive mode to the server without SSL/TSL Explicit turned on, I can connect and everything works great.  If I turn on SSL/TSL Explicit on the server and the client (using FileZilla Client) I get the following:

WITHOUT SSL/TSL (WORKS)
Status:      Connecting to PUBLIC IP ADDRESS:21...
Status:      Connection established, waiting for welcome message...
Response:      220 You are connec
Command:      USER GUEST
Response:      331 Password required for guest
Command:      PASS *****
Response:      230 Logged on
Command:      SYST
Response:      215 UNIX emulated by FileZilla
Command:      FEAT
Response:      211-Features:
Response:       MDTM
Response:       REST STREAM
Response:       SIZE
Response:       MLST type*;size*;modify*;
Response:       MLSD
Response:       AUTH SSL
Response:       AUTH TLS
Response:       UTF8
Response:       CLNT
Response:       MFMT
Response:      211 End
Status:      Connected
Status:      Retrieving directory listing...
Command:      PWD
Response:      257 "/" is current directory.
Command:      TYPE I
Response:      200 Type set to I
Command:      PASV
Response:      227 Entering Passive Mode (EXTERNAL IP ADDRESS,242,92)
Command:      LIST
Response:      150 Connection accepted
Response:      226 Transfer OK
Status:      Directory listing successful
Status:      Disconnected from server

WITH SSL/TSL (DOESN'T WORK)
Status:      Connecting to EXTERNAL IP ADDRESS:21...
Status:      Connection established, waiting for welcome message...
Response:      220 You are connec
Command:      AUTH TLS
Response:      234 Using authentication type TLS
Status:      Initializing TLS...
Command:      USER GUEST
Status:      Verifying certificate...
Status:      TLS/SSL connection established.
Response:      331 Password required for guest
Command:      PASS *****
Response:      230 Logged on
Command:      SYST
Response:      215 UNIX emulated by FileZilla
Command:      FEAT
Response:      211-Features:
Response:       MDTM
Response:       REST STREAM
Response:       SIZE
Response:       MLST type*;size*;modify*;
Response:       MLSD
Response:       AUTH SSL
Response:       AUTH TLS
Response:       UTF8
Response:       CLNT
Response:       MFMT
Response:      211 End
Command:      PBSZ 0
Response:      200 PBSZ=0
Command:      PROT P
Response:      200 Protection level set to P
Status:      Connected
Status:      Retrieving directory listing...
Command:      PWD
Response:      257 "/" is current directory.
Command:      TYPE I
Response:      200 Type set to I
Command:      PASV
Response:      227 Entering Passive Mode (EXTERNAL IP ADDRESS,182)
Command:      LIST
Response:      425 Can't open data connection.
Error:      Failed to retrieve directory listing

The Cisco PIX has translation lists that are port 21 redirect to port 21 and the same for port 20
I have access rules for ports 21 and 20 pointing to the interior server.

Also I'm running behind a Linksys Wireless WRT54G, but am getting the same results running plugged directly into my Cable Modem.

Everything works without SSL/TSL; but once I turn it on I get this error.  Thank you for your help
Start Free Trial
 
Keywords: FileZilla SSL Gets Error: 425 Can't…
Title
1 SSL and PKI
2 SSL query
3 Questions about SSL certificate conce…
4 SSL with Apache.
5 Unable to login via SSL
6 Multiple SSL certificates on a single Ap…
 
Loading Advertisement...
 
[+][-]11.02.2007 at 02:02PM PDT, ID: 20204495

View this solution now by starting your 7-day free trial. Setting up your free trial is quick, easy, and secure. We will return you to this solution, unlocked, when you're done.

 

About this solution

Zones: Secure Socket Layer (SSL) & HTTPS, FTP Servers, Cisco PIX Firewall
Tags: filezilla, data, open, 425, connection
Sign Up Now!
Solution Provided By: jeffld
Participating Experts: 1
Solution Grade: A
 
 
 
Loading Advertisement...
20080716-EE-VQP-32 / EE_QW_2_20070628