We help IT Professionals succeed at work.

SBS Server 2003 FTP Error 521 Illegal PORT command & 200 Type set to A.

Medium Priority
Last Modified: 2013-11-29
I have set up an ftp server using SBS Server 2003.  The problem I am having is logging into the ftp server using IE.  I can log in fine through command line, I can open the page via IE(or firefox): it asks for my uname and pword, I log in(tried both local admin and domain admin unames) and then I get the error:

An error Occurred opening that folder on the FTP Server.  Make sure you have permission to access that folder.

200 Type set to A.
521 Illegal PORT command

I know that I have ports 20 and 21 forwarded through the router and I have rights to the folders
I can ping my ftp.domainname.com
I can log in through my internal network by typing in ftp://192.168.xxx.xxx and everything works as it should
Watch Question

try to login to the  ftp://192.168.xxx.xxx internally from a work station which is not in the domain.

Justin CollinsIT Manager


That worked fine also.
Instead of authenticating the Users at the ISA server

I guess the FTP server is fine,
You have a problem at the ISA server at the authentication.
check the logs, atempt an FTP connection from outside of your network,
you will see some entries which will light the problem.

Try to create the port 20 and port 21 tunnels to the FTP Server from the ISA server.
by this the firewall does not process the authentication requests it will forward directly to the FTP server for authentication.

but first check the logs

where is the FTP server setup, is it on the ISA or some where on the LAN?
Justin CollinsIT Manager


I am running everything on one server.  This is in my house and for my own personal use.
I am not running ISA at all.  
I have no firewall on the server as it's behind my router.

Error Logs shows the same message:

Event ID: 10

User someone at host xx.xx.xxx.xxx has timed-out after 120 seconds of inactivity
from outside type

and command prompt type
telnet ftp.domainname.com 20
telnet ftp.domainname.com 21

and see if the connection establishes or not??

Justin CollinsIT Manager


I can telnet to it, I can log in, but when I do a list it gives me that same 521 Illegal port command.
Port 20 denies, which as far as I know should deny.
Just check this out, and try from browser


For Users WITH Microsoft XP
If you receive the error message “521 illegal port command – An error occurred opening that folder on the FTP Server.  Make sure you have permissions to access the folder. Details: 200 Type Set to A” it means the passive configuration is checked on your browser settings.  

To allow you to perform the download or conduct your upload, click the “Tools” menu, click on “Internet Options,” select the “Advanced” Tab and unclick “Use Passive FTP (for firewall and DSC modem compatibility).  The click “OK.”

NOTE: If you prefer the passive configuration option for other downloads, please recheck this option under the “Advanced” tab of “Internet Options” once the download is complete.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
I am not sure about your firewall settings,

IF the FTP is working from inside it should work from outside too.
did you forwarded Both TCP and UDP ports???

Justin CollinsIT Manager


Sweet!!!  It works.  Can you change that on the server so that you don't have to have that unchecked?  Or what do i ask If I make a new post?
Justin CollinsIT Manager


Yes, both are forwarded
i think you should be fine, i will try to fix,

did you forwarded both protocols ???TCP and UDP??
forward both of them..
and test with the browser again with default settings??
its a bit complicate process.
may be someone from the web servers team can help on passive mode setup

Do you still need any more help on this???
Justin CollinsIT Manager


I will make a new post under Web Servers about the passive mode setup.  thank you for all your help
thanks :)
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.