Solved

FPTS error "Transfer channel can't be opened"

Posted on 2007-04-10
4
1,975 Views
Last Modified: 2013-12-02
At the company I work we are using FTP to transfer files between out company and telemarketing bureaus.
Since FTP is not very safe for transferring this kind of data, we want to switch to something safer. We thought we could do this by switching to FTPS (FTP over SSL)

Our FTP server (Novell) supports FTPS, so we thought this switch would be quite easy, After setting the Novell server to support both FTP and FTPS (to later switch it to only FTPS) everything worked fine when we tested it (from a PC inside our network) but if we test it from a pc outside our network, we run into some troubles.

The PC can get a connection, but when the directory listing is requested, it gets some kind of timeout.

Here’s the log file:

Status:      Connecting to x.x.x.x ...
Status:      Connected with x.x.x.x, negotiating SSL connection...
Response:      220 Service Ready for new User
Command:      AUTH SSL
Response:      234 Enabling SSL
Status:      SSL connection established. Waiting for welcome message...
Command:      USER username
Response:      331 Password Needed for Login
Command:      PASS *********
Response:      230 User username Logged in Successfully
Command:      SYST
Response:      215 NETWARE  Type : L8
Command:      FEAT
Response:      500 'FEAT' : Unknown Command
Command:      PBSZ 0
Response:      200 Protection Buffer Size set. PBSZ=0
Command:      PROT P
Response:      200 Protection Level is set
Status:      Connected
Status:      Retrieving directory listing...
Command:      PWD
Response:      257 "/" is Current Directory
Command:      TYPE A
Response:      200 TYPE Command OK A
Command:      PASV
Response:      227 Entering Passive Mode (10,99,29,21,8,44)
Command:      LIST
Response:      150 Opening data connection for  (y.y.y.y,2092)
Error:      Transfer channel can't be opened. Reason: Een verbindingspoging is mislukt omdat de verbonden party niet correct heeft geantwoord na een bepaalde tijd, of de gemaakte verbinding is mislukt omdat de verbonden host niet heeft geantwoord.
Error:      Could not retrieve directory listing
Command:      TYPE I
Error:      Timeout detected!
Status:      Waiting to retry... (5 retries left)

The error message it in dutch, in English it would be “A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.”

All I can find on the internet is that I have to try “active mode”, I tried that, and it didn’t help (I got another timeout message)

Another thing I found is that it got something to do with firewall settings. I however can’t find which.

I hope some of you know how to solve this problem.

Does the client or the server need to open firewall ports? And which one? (I hope it’s the server, because I don’t think our customers would like to open ports)
0
Comment
Question by:echobrain
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 

Author Comment

by:echobrain
ID: 18916242
anyone?
0
 
LVL 4

Accepted Solution

by:
rwaldicott earned 500 total points
ID: 19034442
The problem is here:

Response:      227 Entering Passive Mode (10,99,29,21,8,44)
Command:      LIST
Response:      150 Opening data connection for  (y.y.y.y,2092)

Problem is your server telling client to connect to server IP 10.99.29.21 to initiate a data transfer or perform a directory listing.  The problem is that the server is using the internal IP address instead of the external IP address that is visible to clients.  To fix the issue you need to tell your server to report the external IP address when responding to passive requests.
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Why is a PSO not being set for users 2 36
EMC migration 2 95
Windows Clustering 4 60
voice vlan on meraki using 3CX 3 136
Goal:  To set up a secure SSH server for your home computer to make it accessible anywhere AND to use it as a port forwarding proxy. Steps 1.  WinSSHD version 5 is free for personal use.  So download and install it.  You can download it from the…
If, like me, you have a lot of Dell servers in the estate you manage this article should save you a little time. When attempting to login to iDrac on any server I would be presented with two errors. The first reads "Do you want to run this applicati…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question