asked on
FTP PORT AND LIST NOT IN SAME SESSION
Hello I'm trying to use windows Native ftp client to connect to a VPN tunnel in Active mode.
Everything connects and runs without a problem until I run the LIST command immediately following the PORT then I get this error:" 425 Not able to open data connection."
I think maybe its because when I run the PORT command on literal
ex: LITERAL PORT 33,22,22,28,23,133 then press ENTER
then run the LIST command then press ENTER, I get the error because the VPN server is attempting to return the output of the LIST command on port 133 but the connection was closed
Is there anyway to run both PORT and LIST or PORT and STOR together so that the VPN server knows where to return the information rather than PORT ENTER STOR ENTER
Everything connects and runs without a problem until I run the LIST command immediately following the PORT then I get this error:" 425 Not able to open data connection."
I think maybe its because when I run the PORT command on literal
ex: LITERAL PORT 33,22,22,28,23,133 then press ENTER
then run the LIST command then press ENTER, I get the error because the VPN server is attempting to return the output of the LIST command on port 133 but the connection was closed
Is there anyway to run both PORT and LIST or PORT and STOR together so that the VPN server knows where to return the information rather than PORT ENTER STOR ENTER
Server SoftwareVPNNetworking Protocols
Last Comment
giltjr
ASKER
Yes my port is acutually listening on 6021 and I know this since the VPN server response
is '200 PORT subcommand request successful.'
but when I immediately try getting the list from the server running LIST,
I get '425 Not able to open data connection'
is '200 PORT subcommand request successful.'
but when I immediately try getting the list from the server running LIST,
I get '425 Not able to open data connection'
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
If you mean can you return data on the same port/connection as you are issuing commands, the answer is no.
FTP is a two connection protocol. One connection is use for issuing commands and returning the return code of the command. The other connection is used for returning data. The results of a ls/dir command is considered data to ftp, so when you do a ls/dir the results are returned on a data connection.
There are two types of data connections. One is active, which uses the PORT command. The other is passive, which uses the PASV command.
If the VPN server is acting as a proxy or firewall and is attempting to return the results of the LIST command on port 133 based o the port command "33,22,22,28,23,133" then it is doing the wrong thing. The 1st for sets of parameters is the IP address, so 33,22,22,28 maps to 33.22.22.28 as the IP address. The next two parameters are used in a formula to get the port number. The formual is a*256+b where in your case a=23 and b=133, which equals 6021.
This means that your FTP client has IP address 33.22.22.28 and should have opened a socket on port 6021 and shold be waiting and listening for the server to initiate a connection from port 20 to port 6021.
Why are using issuing the command "LITERAL PORT 33,22,22,28,23,133"? Is your ftp client actually opening up a socket and listening on 6021 when you do this?