Not able to access FTP site behind PIX firewall

Posted on 2008-10-30
Last Modified: 2013-12-02
I published one FTP in IIS and it is working fine locally. If I try to access from out side, i am getting error " permission problem"  I installed filezilla FTP client and I got the below error:
Status:      Connecting to
Status:      Connection established, waiting for welcome message...
Response:      220 Microsoft FTP Service
Command:      USER anonymous
Response:      331 Anonymous access allowed, send identity (e-mail name) as password.
Command:      PASS **************
Response:      230 Anonymous user logged in.
Command:      SYST
Response:      215 Windows_NT
Command:      FEAT
Response:      211-FEAT
Response:          SIZE
Response:          MDTM
Response:      211 END
Status:      Connected
Status:      Retrieving directory listing...
Command:      PWD
Response:      257 "/" is current directory.
Command:      TYPE I
Response:      200 Type set to I.
Command:      PASV
Response:      227 Entering Passive Mode (192,168,1,9,5,5).
Status:      Server sent passive reply with unroutable address. Using server address instead.
Command:      LIST
Response:      425 Can't open data connection.
Error:      Failed to retrieve directory listing
I already forwarded ports 21 and 20 in pix to local FTP server.
What extra settings I need to access the FTP from outside through IE or Windows Explorer.

Question by:osigrp
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Expert Comment

ID: 22839146
Ftp uses more ports then 20 and 21, in your case i guess you need to forward port 1023 also.
You can also look at your pix log, to see why the connection is dropped.
see this article for more information on port use of FTP

Author Comment

ID: 22839268
But How I can see the pix log?? any commands?

Accepted Solution

bml104 earned 500 total points
ID: 22840328
assuming you have not internal access-list

fixup protocol ftp

Expert Comment

ID: 24807653
Thanks. "fixup protocol ftp" worked for me.

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article was originally published on Monitis Blog, you can check it here . Today it’s fairly well known that high-performing websites and applications bring in more visitors, higher SEO, and ultimately more sales. By the same token, downtime…
There’s a movement in Information Technology (IT), and while it’s hard to define, it is gaining momentum. Some call it “stream-lined IT;” others call it “thin-model IT.”
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

690 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question