Cannot connect to FTP server from Leopard Client

We have a location on our WAN with one Tiger desktop and one Leopard Laptop.
 The Tiger box can connect to our FTP server fine, but the Leopard box gets rejected.
 They are both on the same network/subnet.  
They are using the same credentials/user account.
 Neither of them have a software firewall activated from what I can tell.
On the Tiger box, I can connect from the finder, the terminal or Cyberduck, a 3rd partf FTP client..
From the Leopard box, I cannot connect from any of those methods.  When trying from the Terminal I get connection refused, when trying from the Finder it tells me I have the wrong password.. Cyberduck just fails almost instantly and retries over and over just to fail again and again.


Please help me.  I know the server is working fine as I can connect from any other box, including the tiger box which is on the same network as the Leopard box!
LVL 1
stconairAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Ghoti_AZCommented:
Does the Leopard box have its firewall set to restrict outbound FTP?  Can it FTP to other servers or itself?
stconairAuthor Commented:
I only see incoming connection rules as possible settings for the Leopard box.  Where are outbound settings?  The security pane in system prefs only seems to be controlling inbound ports.
stconairAuthor Commented:
Firewall is set to allow all incoming.. Like I said, I didnt think the builtin Firewall blocks outbound traffic.. not like little snitch, that program is intended to block outbound, but it is not installed on this machine.
Active Protection takes the fight to cryptojacking

While there were several headline-grabbing ransomware attacks during in 2017, another big threat started appearing at the same time that didn’t get the same coverage – illicit cryptomining.

Ghoti_AZCommented:
I have found that one can accidentally set the native Mac OS firewall to block outbound as well as inbound traffic.   I can get you a screen shot of what not to do when I get home.  Can the Leopard machine FTP into any other servers?
DJDecayCommented:
Your FTP problem is on the FTP SERVER Not on your Tiger and Leopard boxes.

Your FTP Server or some other equipment is issuing you a "Connection Refused" based on some criteria.

One of those could be a reverse DNS lookup that your Leopard Box has and the Tiger does not. Others could be source IP address or other such criteria. Its highly unlikely.

The best litmus test it to do the following.


$telnet <fqdn of your ftp server> 21
If you don't get a
220 Some FTP Server Software.

Then the connection is being rejected, sometimes, it will tell you why.

Also check if

$nslookup yourftpserver.com  
yelds equivalen results on both systems

one system may be using local DNS, while the other may have a hosts file or external name servers that issue it the wrong ip address of a machine that is not even running FTP.

Just my 2 cents.

stconairAuthor Commented:
nslookup results are identical
telnet on the working machine (Tiger) connects and then almost instantly gets a connection closed by foreign host, the other box (leopard) just remains on trying to connect.
stconairAuthor Commented:
I just realized that it works when I use the internal IP address to connect to our FTP.  I had tried the external, thinking it might be a DNS issue, but I failed to try the internal, which of course does not hit any Firewalls since it stays in our internal network/WAN.  I am a bit confused.  Resolv.conf looks the same on both machines... nslookup yields the same results for both machines... they are both on the same network.. why can one connect to the ftp server by name, and one can only connect using the internal ip?  Pinging the server name will get it's external IP in both machines.  Traceroute seems to give the same result on both machines, but they both timeout around number 60 (firewall maybe)  If it's a firewall, why wouldnt it affect both machines?
DJDecayCommented:
I suspected this was the case (typically external ip's will not be available from inside nat on the same device your're natting through)

Check your configs. Check the file /etc/hosts and see if there are any entries with an internal   IP of the ftp server address on one of the machines (that may have been put in as a workaround)
that does not exist on the second one.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
stconairAuthor Commented:
I believe this is not the server, but it is the fact that they tried to update the affected client computers OS themselves, and probably messes something up.  I will give the points to DJ for his efforts.
stconairAuthor Commented:
Thanks for the help.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Mac OS X

From novice to tech pro — start learning today.