We have a site-to-site VPN tunnel setup with a client, and we are experiencing a very unusual problem with FTP. I do not know what type of firewall is on the client's side, however we have a SonicWall PRO 4100.
Phase I: Group5/AES-256/SHA1/
Phase II: ESP/AES-256/SHA1
It's worth noting that through that tunnel, we are being routed to 21 subnets across this client's network.
We are allowed to FTP to all 21 subnets, and that works just fine. However, we have a problem with one particular machine. We can FTP to that machine from virtually anywhere on our internal network, but some machines fail to transfer files larger than few MBs. In addition, I can perfectly fine ftp to the remote server from a machine on (LET'S SAY) vlan200, and at the same time another machine on the same vlan will time out during the data transfer. We were able to eliminate few possibilities:
- It's not hardware/vendor specific (Dell/Lenovo)
- Not subnet specific
- We are not able to get the machines that time out to work
- We are not able to get the machines that DO WORK to reproduce the problem
FTP Server is:
IIS based - (Timeout is set to 120 seconds (tested with 900 seconds without luck), unlimited connections allowed)
FTP Clients tested:
Command Prompt Error:
Connected to X.X.X.X
220 Microsoft FTP Service
User (X.X.X.X:(none)): username
331 Password required for username.
230 User username logged in.
200 Type set to I.
ftp> mput filename
mput of62.exe? y
200 PORT command successful.
150 Opening BINARY mode data connection for of62.exe.
> Netout :Software caused connection abort
426 Connection closed; transfer aborted.
: 65535 bytes sent in 206.66Seconds 0.32Kbytes/sec.
We tried both passive and active modes and both fail during the file transfer with the same error:
Error: Connection timed out
Error: File transfer failed after transferring 262,144 bytes in 21 seconds
Note: Nodes that time out during file transfer over VPN tunnel, transfer files internally through FTP without any problems.
Any help appreciated.