Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Port conflict - remote access and passive ftp - other than active ftp, any other solution?

Posted on 2007-12-07
5
Medium Priority
?
1,110 Views
Last Modified: 2013-11-29
Hi,

I'm running the latest MS Small Business Server, with 2 workstations and an FTP server for client art files.

I work via remote access from a site 50 kms away from the office, taking over one of the office machines. We have had to use ACTIVE rather than PASSIVE ftp connections. Unfortunately, there is a port conflict between remote terminal access and passive ftp, ie. the range of open ports required for passive ftp connections conflicts with the port required for remote access.

I provide PC clients with a preconfigured FTP client program for PC (WSFTP). At least 50% of clients contact us to say the FTP server isn't working. It *is* working of course, but we have to take them through how to use the preconfigured client program, despite the detailed notes we provide. Argh.

Is there any way to get PASSIVE FTP and REMOTE access working together? Any help would MOST greatly appreciated.

Kind Regards

Scott Wilson

0
Comment
Question by:thewillo
  • 2
  • 2
5 Comments
 
LVL 22

Expert Comment

by:dan_blagut
ID: 20426978
Hi
Did you try to connect using VPN connection?

Dan
0
 
LVL 57

Expert Comment

by:giltjr
ID: 20430501
There should be no port conflict between RDC and passive FTP.  What leads you to this conclusion?

Passive FTP's data connection port range is anything above 1024, that is port numbers 1024 - 65535.  Even though RDC uses a port with that range, the way passive FTP (actually the way requesting a TCP port number) there would be no conflict.
0
 

Author Comment

by:thewillo
ID: 20432270
Hi Dan - VPN is no good. Access speed way too slow.

Hi Giltjr - OK. I'm intrigued here. The system has been set up by an external IT guy who has been rock solid so far with all aspects of the installation. He mentioned that Active FTP was necessary due to the port conflict and I simply accepted that. What are your thoughts here? Are there security issues to consider using passive ftp and remote access together? My understanding was that it simply didnt work.

Have you actually set up a SBS network with passive ftp and remote access? How did you configure it? Look forward to your response.
0
 
LVL 57

Accepted Solution

by:
giltjr earned 2000 total points
ID: 20432820
There is no special configuration needed.  Windows Terminal Server listens on port 3389 by default.

When using passive ftp the server will open a TCP socket (port) for the data transfer session, it does not request a specific port, it requests any port that is numbered above 1023.  TCP keeps track of all open ports and will not open one that is already in use, since TS uses port 3389, TCP will never let the ftp server use this port.  So no conflict.

Depending on what firewall you use, there could be some security issues when using passive ftp.   If your firewall does not inspect ftp command/control sessions, then you must configure the firewall to allow all inbound request to your ftp server where the source and desitnation ports are above 1023.  This is not considered secure.  If your firewall inspects ftp command/control sessions, then it will dynamically create the rules to allow the data transfer connections through.  However most companies configure their firewalls not to allow active ftp.
0
 

Author Closing Comment

by:thewillo
ID: 31413359
Thanks, and sorry for slow response. We followed your advice and sure enough there is no conflict. Passive FTP and remote access now working together. You have solved a major problem in the business here.. Many thanks :)
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Please see preceding article here: http://www.experts-exchange.com/Networking/Operating_Systems/A_11209-Root-Bridge-Election.html Figure 1 After Root Bridge has been elected, then what?..... Let's start by defining a Root Port in la…
If you are a user of the discontinued Microsoft Office Accounting 2008 (MSOA) and have to move to a new computer running Windows 8, you will be unhappy to discover that it won't install.  In particular, Microsoft SQL Server 2005 Express Edition (SSE…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question