[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

FTP 530 Error

Posted on 2004-11-19
24
Medium Priority
?
6,135 Views
Last Modified: 2012-08-14
I cannot figure out what im doing wrong here, maybe someone can help.

I'm trying to set up a very simple FTP server... One that i can access over the web.

I have set it up, and as far as i can tell, does what i want, with one problem. When I log on useing my local ip address (internal network) it connects fine to the annymous account. However, when i try to connec tthrough my external IP, i get error 530 "Annoynomus users cannot connet". Its not a firewall issue, ports are opened, and it connects fine, just wont let me access from EXternal IP... why is that?

Thanks for any help in advance! :)

Bick

0
Comment
Question by:bick2000
  • 13
  • 9
  • 2
24 Comments
 
LVL 34

Expert Comment

by:Dave_Dietz
ID: 12632389
You must be hitting a different FTP site.

Do you have more than one FTP site on this machine?

If not, try shutting down IIS and then try hitting the External IP address.  If you get a response it must be coming from a different machine or from a non-IIS FTP server on this machine.
If this is the case try running 'netstat -an' at the command prompt to see what process ID is listening on port 21 while IIS is shut down....

What exactly are you seeing when accessing it?  (Try using the command line cliient if you aren't already...)

Dave Dietz
0
 

Author Comment

by:bick2000
ID: 12632472
ok, i went into ISS and stopped all of FTP sites running... used IE to hit FTP://xxx and it came up same error (and using an FTP client - flashget -, it still says its connected to something, even when i turned the FTP site off, but lacks permission of anymous acct.) Internal IP then gave me the error, same as external, about not being able to connect to folder.

So i ran netstat -an, and didnt see anything attached to port 21. After i started the FTP back up, "listening" on port 21 and internal worked, EXternal still doesn't.

My router forwards port 21 (the one it is set to use) to the servers internal address.

Sorry, but I do not know any command line clients or commands for testing network stuff.

Thanks,

Bick
0
 

Author Comment

by:bick2000
ID: 12632501
tryed it on a different port, say 12343, and this time it timed out. even though the port was open.

What am i doing wrong here?

Thanks for your help!

Bick
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 34

Expert Comment

by:Dave_Dietz
ID: 12634282
It's got to be something with your firewall/router.

Does your router forward port 20 as well?  FTP uses 2 ports -20/21 for Active 21/x>1024 for Passive.

Try using the FTP comand line client:  Open a command line and type FTP then hit enter
Next type 'open <external IP>'

If it can connect it wil prompt you for username and password.

---

When you tried on a different port had you configured FTP to listen on that port?

Dave Dietz
0
 
LVL 12

Expert Comment

by:ColinRoyds
ID: 12634949
Depending if you are running ftp in active or passive mode you will need to open up port 20 for the ftp to work correctl as well
0
 
LVL 12

Expert Comment

by:ColinRoyds
ID: 12634950
0
 

Author Comment

by:bick2000
ID: 12634956
Ok, here's what i did. i ran the command line FTP command to my external IP from within the network, and it got picked up by my router (allowing only router login information). Is that because I am behind it? Or, is it actually accepting port 21 to the router, and not forwarding it to my server?

In this case, what would i need to do to open up FTP for a different port? (in other words, would I need port 20 and my other port of choice, or some other ports open?) Because when I open a different port (and configure my FTP to listen on that port), the router does not let it connect.

Thanks,

Bick
0
 
LVL 12

Expert Comment

by:ColinRoyds
ID: 12634989
What I would do to eliminate everything is setup a desktop/laptop with a dial up account , slow I know, then try it from there and see what you get , you could also put a banner/welcom note so you know which ones is which when you get an answer
0
 
LVL 12

Expert Comment

by:ColinRoyds
ID: 12634991
make certain your NAT for port 20 and 21 is setup correctly
0
 

Author Comment

by:bick2000
ID: 12635012
Is it safe to DMZ to my server for a short time, just to see if it works then?
0
 
LVL 12

Expert Comment

by:ColinRoyds
ID: 12635039
no, not if this is a prodcution server, I would not, if it's a dev server then ok. Otherwise to test setup iis on a pc with ftp installed in the same way and redirect your NAT on your firewall to the ip of the laptop and test it.

but before you go to all this trouble have you checked the NAT on your firewall for ports 20 and 21, as well as your policy, are they set to allow traffic in on port 20 and 21 tcp?
0
 

Author Comment

by:bick2000
ID: 12635053
sorry for so many questions, but how do i use a command line to connect to a certian port that my FTP is running on. When I change ports, I get a Timed Out, even though the 20-21. and 12356 are open on my firewall, and FTP is listening to 12356. Is there something else that needs to be open?

Thanks for all the help
0
 

Author Comment

by:bick2000
ID: 12635066
Its a Netgear RP114, port forwarding for those ports is enabled, but as far as allowing traffic through the router, it doesn't seem to be working... (It keeps asking me for the router Username and Password, not forwarding those ports to my server)
0
 
LVL 12

Expert Comment

by:ColinRoyds
ID: 12635087
just to make certain you have it right have a look here http://www.portforward.com/netgear/rp114-portforwarding.htm
0
 
LVL 12

Expert Comment

by:ColinRoyds
ID: 12635097
cmn line try ftp ip;123456, never had to do it, but would imagine this would be it
0
 
LVL 12

Expert Comment

by:ColinRoyds
ID: 12635127
sorry not the above line but ftp ip:123456 not; but:
0
 

Author Comment

by:bick2000
ID: 12635152
Ok, ports are forwarded correct. I tryed that comand, but it says unknown host (even though port is forwarded, and FTP is listening).

Here's what I can come up with: When I use FTP :IP: the router is intercepting it, asking me to connect to the router through FTP? (Personaly, never heard this before). Even when I have the port 21 open, and forwared to my server, the router intercepts, and asks for username ans password for accessing the router. Not being able to access the router through IE FTP is why I am getting that disconnect error.

So what I am having problems with then, is bypassing the router by setting up the FTP on a different port. It seems to time out each time, when I forward that port.

Has anyone heard of a router not letting in FTP communications?

Thanks
0
 
LVL 12

Expert Comment

by:ColinRoyds
ID: 12635167
if you are using IE for ftp type ftp://ip:port
0
 

Author Comment

by:bick2000
ID: 12635186
I did that, i get the flashlight icon for a while, then I get a timed out error
0
 
LVL 12

Expert Comment

by:ColinRoyds
ID: 12635225
is iis ftp set to use passive mode?
0
 
LVL 12

Accepted Solution

by:
ColinRoyds earned 2000 total points
ID: 12635233
try this disable or uncheck the "Use passive ftp" selection in  
 
the Internet Explorer settings (advanced tab)  
 
and have the "Use FTP Folder view" enabled  
 
in the Internet Explorer settings,  
0
 
LVL 12

Expert Comment

by:ColinRoyds
ID: 12635289
try this too
 1. Start the Internet Service Manager (ISM), which loads the Internet Information Server snap-in for the Microsoft Management Console (MMC).  
2. Right-click the default FTP site folder, and then click Properties.
3. On the Home Directory tab, verify that the Local Path listed is valid, and that the Read check box is checked.  
4. Click OK.  
5. Using Windows Explorer, locate the folder listed in the Local Path setting you verified in Step 3. By default, the FTP home directory is C:\Inetpub\FTPRoot. .
6. Right-click the folder, and then click the Security tab. Confirm that the required user has at least Read permissions on this folder.
0
 

Author Comment

by:bick2000
ID: 12658935
Something was wrong with both my software and Hardware firewalls allowing passive connections. I just needed to change that, but without your help, wouldn't have even looked.

Thanks!

Bick
0
 
LVL 12

Expert Comment

by:ColinRoyds
ID: 12663156
Glad it's all sorted.

0

Featured Post

Fill in the form and get your FREE NFR key NOW!

Veeam is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of us need to configure DHCP server(s) in their environment. We can do that simply via DHCP console on server or using MMC snap-in on each computer with Administrative Tools installed in a network. But what if we have to configure many DHCP ser…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question