Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

FTP client fails on Windows Server 2003 R2 (64bit)

Posted on 2007-04-10
14
Medium Priority
?
5,282 Views
Last Modified: 2013-11-29
I have recently purchased a new Dell server, running Windows 2003 R2 (64-bit).  I cannot FTP from this server using ftp.exe.  I have other users sharing the Internet connection and they are having the same problem.  Basically it sends a packet and hangs, and the receiving end thinks the client closed the connection.  This occurs with multiple FTP servers, so it's not specific to one server.

Can't even do a LS command, much less transfer a file.  From one of the FTP servers' log:

[L 3474] 04/10/2007 06:53:03 Accepted connection from [ip address]
[C 3474] 04/10/2007 06:53:10 Command "USER xxxx" received
[C 3474] 04/10/2007 06:53:13 PASSword accepted
[L 3474] 04/10/2007 06:53:13 User xxxx logged in.
[C 3474] 04/10/2007 06:53:29 Command "PORT xx, xx, xx, xx,19,137" received
[C 3474] 04/10/2007 06:53:29 PORT set to xx.xx.xx.xx - 5001 (19,137)
[C 3474] 04/10/2007 06:53:29 Command "NLST" received
[C 3474] 04/10/2007 06:53:29 NLST started successfully for path/wildcard
[C 3474] 04/10/2007 06:53:30 Transfer terminated by client closing connection
[C 3474] 04/10/2007 06:53:30 Transfer aborted

If I do try to transfer a file it sends 2920 bytes and then fails with the same sort of "client closed the connection" error.  I initially assumed it was a firewall problem but I even (briefly!) turned off the firewall and got the same results.  I use WinZip Pro to do a backup with FTP, and it fails in the same way.

The server is directly connected to the cable modem (dual homed machine) so there's no NAT externally getting iin the way.  Any thoughts?
0
Comment
Question by:Torqane
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 4
  • 3
14 Comments
 
LVL 57

Expert Comment

by:giltjr
ID: 18887027
This does look like a firewall issue. Are the ftp clients behind a firewall?  Can you use a ftp client that support passive ftp?
0
 

Author Comment

by:Torqane
ID: 18888464
Hi.  

Thanks for responding, however as I stated I turned the firewall off and still had the same problem.  I get the same error whether on one of the clients that shares the connection, or on the server itself.  That said, I'm going to go back and do a more comprehensive test since I also think it is likely to be firewall related.

In the case of WinZip I don't seem to have a way to set that as a passive connection.  I'll experiment with that as a solution otherwise (I could always script sending the zip file as a workaround), but one client has a separate piece of software that can't be altered so it's not a full solution for everyone.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 18889023
Are the ftp clients on the same physical network as the ftp server?  I realize that you turned off the firewall, but I am assuming you turned it off on the server side.

I was refering to a firewall on the client side.  With FTP there are two modes of transfers.  Active and passive.  With active ftp the FTP server actually intitates the data connection to the client, which most client side firewalls will block. With passive ftp the client initiates the data connection to the server, which most client side firewalls will allow.
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 

Author Comment

by:Torqane
ID: 18889218
No, nothing changed on the FTP server side, which is on a different network accessed across the Internet.  I am only using the FTP client on either the W2K3 server or the other PCs that are connecting through that server.  So the firewall I turned off was on the client side (i.e. the W2K3 server), no change to the receiving FTP server side.

Sorry for the confusion in terminology, but I'm only running the FTP client on this customer's side of the Internet, whether on a workstation or the W2K3 server.  My machine that's running the FTP server software is completely independent and can successfully receive files from other sites.  Basically the only thing that's different from what it was a week ago is that this W2K3 server is now the gateway to the Internet for itself and various workstations on that internal network.  None of this customer's FTP attempts to any server anywhere succeed now.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 18892374
O.K.  Then some whwere on the client side there is a firewall (or something else) that is blocking ftp traffic.

What you can try is using IE to connect to the ftp server.  In IE settings go to the Advanced Tab under the Browsing section make sure that the you have the bo check that says "Use Passive FTP (for firewall and DSL modem compatibility)" checked.

If this works, then there is something blocking active FTP connections.
0
 

Author Comment

by:Torqane
ID: 18895595
Okay, I tried using IE with the Passive setting on (which it already was, probably due to some earlier experimentation), and that worked okay.  However at this point the command line FTP client as well as the WinZip process still fail.

I'm happy to agree with your analysis that it's firewall-related.  I do have c:\windows\system32\ftp.exe as an exception to the firewall, but I'm unclear on if that means everything related to that program is okay, or only things it initiates.

I don't suppose anyone besides me thinks this should be simpler.... ?  :)
0
 
LVL 57

Accepted Solution

by:
giltjr earned 2000 total points
ID: 18899348
O.K.  The FTP client that comes with Windows only supports active FTP.  Something somewhere is blocking active FTP.

So you need to get an ftp client that supports passive ftp or change your firewall settings.

There are MANY out there, CuteFTP, FileZILLA, and SEAGULL FTP are just 3 that support passive.

The problem is the firewall execptions allow outbound connections, not inbound.  In order to allow active FTP you would need to setup an execption (if possible) that would all inbound traffic that has a source port of 20.  With active FTP the serer always uses the source port of 20.

My suggestion is to get a ftp client that supports passive ftp.
0
 

Author Comment

by:Torqane
ID: 18900434
Okay, thanks for the analysis and suggestions.  In particular I wasn't aware that the command line FTP wouldn't support passive, so I'll quit beating that dead horse.

I didn't see any easy way to enable the inspection of source port # within Windows Firewall and at this point it's not worth further pursuit when there are workarounds.

I've checked with WinZip and their latest version supports passive ftp, and since that's the main non-browser-user purpose for FTP that'll do fine.  I'll inform any users who need to FTP to enable the IE switch.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 18901349
Thanks.  Yes, MS needs to look at themself.  Their FTP client does not support passive and their firewall does not allow you the controll needed to allow active ftp.  So you either need to get somebody elses firewall, somebody elses ftp client, or both from somebody else.

Glad to be of help.
0
 
LVL 6

Expert Comment

by:Taconvino
ID: 21264053
Just to clarify, the passive function is a server command, not a client command.  It can be activated from the normal FTP client in Windows issuing a

LITERAL PASV

command.  Try it!  It works for me.

TCV
0
 
LVL 57

Expert Comment

by:giltjr
ID: 21264149
Technically it is a server command, but the client must support passive FTP.  MS ftp client does not support passive FTP, so even if you issue the command LITERAL PASV, the ftp will not work because MS's ftp client won't know what to do.

If a FTP client supports passive FTP it is generally an option that is checked if using a GUI ftp client, or the command "passive" if using a CLI ftp client.

Now, on z/OS the ftp client uses the command fwfriendly (short for firewall friendly).
0
 
LVL 6

Expert Comment

by:Taconvino
ID: 21264437
Excelent point!  My mistake.  Although, I just tried a couple of transfers using passive mode and they seem to work OK.  

TCV
0
 
LVL 57

Expert Comment

by:giltjr
ID: 21265456
If you look closely you will see the 200 Port Request OK response from the server, this indicates that the transfer was done in active mode.  This is because MS ftp client only knows about active, so as soon as you issue the GET/PUT it will issue PORT and then RETR/STOR as needed.  If you run a packet capture you should see this.





0
 
LVL 6

Expert Comment

by:Taconvino
ID: 21265527
Cool!  Now I feel like I owe you some points... :-)

Thanks for the info!
TCV
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When asking a question in a forum or creating documentation, screenshots are vital tools that can convey a lot more information and save you and your reader a lot of time
In this post we will be converting StringData saved within a text file into a hash table. This can be further used in a PowerShell script for replacing settings that are dynamic in nature from environment to environment.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question