Solved

Weird FTP problem with Windows 2000 server

Posted on 2004-09-13
7
142 Views
Last Modified: 2010-04-13
I’m having a weird problem with a Windows 2000 server and I can’t seem to figure it out.  Hopefully someone here can help me.  We have a couple of Windows 2000 servers behind a LocalDirector.  We have an application that automatically connects to are customers servers via FTP and retrieves files at specified times.  We recently rebuilt one of the servers and now we can’t pull files via FTP from it.  We can connect to a customer’s server but as soon as we try to retrieve a file the FTP connection breaks.  I tried manually connecting from a command prompt and I get the following error.

500 I won't open a connection to 10.10.10.20 <only to 64.x.x.x>
500?

The 64.x.x.x IP is the address of our firewall
The 10.10.10.20 IP is a virtual IP on the LocalDirector

I checked “use passive FTP” in the Internet Explorer settings and it worked a few times from a command prompt.  Then, for some unknown reason, it quit working giving me the same error as I listed above.  This makes no sense to me.  It seems like a NAT problem on the LocalDirector but nothing has changed on the device.  If it worked prior to the box being rebuilt and now it doesn’t then it seems like a server related problem.  I just don’t know what to do to fix it.  The other boxes behind the LocalDirector can still send/receive via FTP.  They use the 10.10.10.20 IP for outbound connections.  I tripled checked all the settings in the firewall and LocalDirector.  Has anyone seen this problem before?  Does anyone have any suggestions as to how I can fix it?

Thanks
0
Comment
Question by:steno1122
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 8

Expert Comment

by:RevelationCS
ID: 12046796
Is there more of a log outside of that that you can post here? based on what I am seeing it appears to be a configuration issue. Are you attempting to use SSH?
0
 
LVL 8

Expert Comment

by:RevelationCS
ID: 12046814
also, do you have FXP enabled on both servers?
0
 

Author Comment

by:steno1122
ID: 12047116
RevelationCS, thanks for the reply.  Unfortunately there aren’t any decent logs that I can show you.  The LocalDirector has lousy logging and their isn’t any errors in the Windows 2000 event log.  I did find a work-around but it’s something I don’t want to do.  I can get FTP to work if I remove the static entry from the LocalDirector.  The static entry is used for outbound connections.  It basically hides the server’s real IP and uses a virtual IP for outbound connectivity.  This entry was in the LocalDirector before the server was rebuilt.  There are similar entries for the other servers behind the LocalDirector that are able to FTP using the same virtual address.  I still think the problem is with the server and not the LocalDirector.  I don’t get the error on any other server.

static 10.10.10.4:0:0:tcp 10.10.10.20:0:0:tcp

         real IP           virtual IP


Oh, I’m not using SSH.
0
Transaction Monitoring Vs. Real User Monitoring

Synthetic Transaction Monitoring Vs. Real User Monitoring: When To Use Each Approach? In this article, we will discuss two major monitoring approaches: Synthetic Transaction and Real User Monitoring.

 
LVL 8

Expert Comment

by:RevelationCS
ID: 12047637
what about FXP being enabled at both locations? I tend to lean towards this being a firewall configuration issue based on what I turn up on the topic via internet searches....
0
 

Author Comment

by:steno1122
ID: 12047900
Nope, no FXP.  I've removed the static command from the LocalDirector so the box can communicate via FTP.  I don't want to leave it that way though.
0
 
LVL 8

Accepted Solution

by:
RevelationCS earned 125 total points
ID: 12048198
I am assuming the LD is inside your firewall... when you opened up the ports for the firewall, did you set the rules up correctly for the internal or external IP on the LD depending on the direction the traffic was going?
0
 

Author Comment

by:steno1122
ID: 12049224
The firewall rules are correct.  The other servers behind the LD use the same virtual IP for outgoing connections.  They are able to establish FTP connections without any problems.  I'm beginning to think there might be a bug in the version of the LD operating system that we're running.  I'm going to check Cisco's site.
0

Featured Post

Comparison of Amazon Drive, Google Drive, OneDrive

What is Best for Backup: Amazon Drive, Google Drive or MS OneDrive? In this free whitepaper we look at their performance, pricing, and platform availability to help you decide which cloud drive is right for your situation. Download and read the results of our testing for free!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
The conference as a whole was very interesting, although if one has to make a choice between this one and some others, you may want to check out the others.  This conference is aimed mainly at government agencies.  So it addresses the various compli…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question