SBS Server 2003 FTP Error 521 Illegal PORT command & 200 Type set to A.

I have set up an ftp server using SBS Server 2003.  The problem I am having is logging into the ftp server using IE.  I can log in fine through command line, I can open the page via IE(or firefox): it asks for my uname and pword, I log in(tried both local admin and domain admin unames) and then I get the error:

An error Occurred opening that folder on the FTP Server.  Make sure you have permission to access that folder.

Details:
200 Type set to A.
521 Illegal PORT command

I know that I have ports 20 and 21 forwarded through the router and I have rights to the folders
I can ping my ftp.domainname.com
I can log in through my internal network by typing in ftp://192.168.xxx.xxx and everything works as it should
LVL 7
Justin CollinsIT Support TechnicianAsked:
Who is Participating?
 
r_naren22atyahooCommented:
Just check this out, and try from browser

http://user1128512.sf2000.registeredsite.com/downloads.html

For Users WITH Microsoft XP
If you receive the error message “521 illegal port command – An error occurred opening that folder on the FTP Server.  Make sure you have permissions to access the folder. Details: 200 Type Set to A” it means the passive configuration is checked on your browser settings.  
 

To allow you to perform the download or conduct your upload, click the “Tools” menu, click on “Internet Options,” select the “Advanced” Tab and unclick “Use Passive FTP (for firewall and DSC modem compatibility).  The click “OK.”
 

NOTE: If you prefer the passive configuration option for other downloads, please recheck this option under the “Advanced” tab of “Internet Options” once the download is complete.

0
 
r_naren22atyahooCommented:
try to login to the  ftp://192.168.xxx.xxx internally from a work station which is not in the domain.


regards
naren
0
 
Justin CollinsIT Support TechnicianAuthor Commented:
That worked fine also.
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 
r_naren22atyahooCommented:
Instead of authenticating the Users at the ISA server

I guess the FTP server is fine,
You have a problem at the ISA server at the authentication.
check the logs, atempt an FTP connection from outside of your network,
you will see some entries which will light the problem.

Workaround
Try to create the port 20 and port 21 tunnels to the FTP Server from the ISA server.
by this the firewall does not process the authentication requests it will forward directly to the FTP server for authentication.

but first check the logs

regards
naren
0
 
r_naren22atyahooCommented:
Sorry
where is the FTP server setup, is it on the ISA or some where on the LAN?
0
 
Justin CollinsIT Support TechnicianAuthor Commented:
I am running everything on one server.  This is in my house and for my own personal use.
I am not running ISA at all.  
I have no firewall on the server as it's behind my router.

Error Logs shows the same message:

Source: MSFTPSVC
Event ID: 10

User someone at host xx.xx.xxx.xxx has timed-out after 120 seconds of inactivity
0
 
r_naren22atyahooCommented:
from outside type

and command prompt type
telnet ftp.domainname.com 20
telnet ftp.domainname.com 21

and see if the connection establishes or not??

0
 
Justin CollinsIT Support TechnicianAuthor Commented:
I can telnet to it, I can log in, but when I do a list it gives me that same 521 Illegal port command.
Port 20 denies, which as far as I know should deny.
0
 
r_naren22atyahooCommented:
I am not sure about your firewall settings,

IF the FTP is working from inside it should work from outside too.
did you forwarded Both TCP and UDP ports???

regards
naren
0
 
Justin CollinsIT Support TechnicianAuthor Commented:
Sweet!!!  It works.  Can you change that on the server so that you don't have to have that unchecked?  Or what do i ask If I make a new post?
0
 
Justin CollinsIT Support TechnicianAuthor Commented:
Yes, both are forwarded
0
 
r_naren22atyahooCommented:
i think you should be fine, i will try to fix,

did you forwarded both protocols ???TCP and UDP??
forward both of them..
and test with the browser again with default settings??
regards
naren
0
 
r_naren22atyahooCommented:
its a bit complicate process.
may be someone from the web servers team can help on passive mode setup

regards
naren
0
 
r_naren22atyahooCommented:
Do you still need any more help on this???
0
 
Justin CollinsIT Support TechnicianAuthor Commented:
I will make a new post under Web Servers about the passive mode setup.  thank you for all your help
0
 
r_naren22atyahooCommented:
thanks :)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.