Solved

FTP Problems

Posted on 2004-10-21
332 Views
Last Modified: 2010-04-09
I am having problems with ftp

Our customer is able to login to our site from a unix server but they can't get the file, the process just hangs until they terminate it. The same thing happens if they try a dir, they don't get any data returned.

They can get the file if they do it from a windows pc, through FTP DOS and Internet Explorer

Maybe it could be port translation that is causing the problem ?

Our firewall is open for port 21 only for our ftp server.

Does this ring any bells with anyone ?

Thanks
Steve
0
Question by:stevendunne
    4 Comments
     
    LVL 4

    Expert Comment

    by:pmarquardt
    What type of firewall are you using?

    What FTP server are you using?
    0
     
    LVL 5

    Expert Comment

    by:mrielf
    Try set the PASV mode for transfer
    0
     

    Author Comment

    by:stevendunne
    FTP problems with cust1, cust2 & cust3 ?  Basically they were unable to complete the data connection into our FTP server, the connection just locked up.  I tried all sorts including opening up our firewall for high-ports, ftp ports 20 & 21 for there specific FTP IP addresses.  This still didn't resolve the issue.
     
    I found a setting in the firewall which "Forces Inbound & Outbound FTP traffic to default to Port 20".  This then resolved the above problem for these 3 customers.
     
    However, this has had a knock on affect with cust4, where we send the file across into there FTP site. The same is now happening here, the data connection is locking up my end when I try to connect.  They are using "Active" FTP which worked fine, before I setup the "Forces Inbound & Outbound FTP traffic to default to Port 20" setting.  However if I remove this setting it will effect cust1, cust2 & cust3.
     
    Cust4 are using active ftp, I found these links.........
     
    I've even enabled the "H.323 transformation" setting under Dynamic Ports to help with video & more specifically data connections.

    Any ideas ?

    :-(
     
    0
     
    LVL 5

    Accepted Solution

    by:
    Your cust1,cust2,cust3 are connecting to server behind firewall and they uses PASSIVE metod

    Setup your server to accept Passive requests and set a port range for passive connection (example: 40000-49999)

    If server resides in DMZ, then check your firewall rules and set these:

    Deny    all/all                    from   WAN/*  to   DMZ/*              <-- deny everything from WAN
    Allow   tcp/21                   from   WAN/*  to   DMZ/ServerIP    <-- enable only ftp to server
    Allow   tcp/40000-49999    from   WAN/*  to   DMZ/ServerIP    <-- enable ftp passive ports to connect
    Allow   tcp/20                   from    DMZ/*  to   WAN/*              <-- enable connecting from DMZ (for active ftp connections)

    0

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
    If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
    This video is in connection to the article "The case of a missing mobile phone (https://www.experts-exchange.com/articles/28474/The-Case-of-a-Missing-Mobile-Phone.html)". It will help one to understand clearly the steps to track a lost android phone.
    Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

    846 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    7 Experts available now in Live!

    Get 1:1 Help Now