Fastream Secure FTP Setup

Posted on 2010-08-17
Medium Priority
Last Modified: 2013-12-02
I've had Fastreams FTP server running for years on a server behind a firewall.  I now need to setup a secure FTP host as well.  The port 990 is open.  I created a new ftp to listen to port 990 in the program.  I am able to connect to the new FTP server and authenticate with FileZilla from a remote location.  The problem begins when I try to get a directory listing.  In the FTPS I see:

Response:      227 Entering Passive Mode (10,192,1,23,39,16). -- being the internal IP address of the server.
Status:      Server sent passive reply with unroutable address. Using server address instead.
Command:      LIST
Response:      150 Opening data connection for folder list.
Error:      Connection timed out
Error:      Failed to retrieve directory listing

When I log into the working FTP I see something like this:

Response:      227 Entering Passive Mode (xx,xx,xx,xx,12,104).-- Where xx.xx.xx.xx is the external IP address
Command:      LIST
Response:      150 Opening data connection for folder list.
Response:      226 File sent ok
Status:      Directory listing successful

Any suggestions?  I am aware the Fastream only supports explicit and I have that selected in FileZilla.

On the firewall log it shows:  the port 990 is connecting fine but then it fails trying to go to port 10000

any ideas?
Question by:ekee
  • 2
  • 2

Author Comment

ID: 33488219
It seems like the failure is in the way my network is set up?  Maybe the NAT?
LVL 32

Expert Comment

ID: 33488531
If the client uses active mode instead of passive is the problem eliminated; if yes, then we need to set up NAT differently on WG.

Thank you.

Accepted Solution

ekee earned 0 total points
ID: 33628995
I eventually worked it out myself.  The solution required all of the following - Manual Passive Mode, turned on.  WAN IP selected and entered.  Passive port range set and we had to open the same ports on the WG.  It's a little clunky but it works.
LVL 32

Expert Comment

ID: 33629033
Thank you for the update.

Featured Post

WEBINAR: GDPR Implemented - Tips & Lessons Learned

Join the WatchGuard team on Thursday, March 29th as we recount some valuable lessons learned in weighing the needs of a business against the new regulatory environment, look ahead at the two months left before implementation, and help you understand the steps you can take today!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
If you try to migrate from Elastix to Issabel, you will face a lot of issues. These problems are inevitable but fortunately, you can fix them. In the guide below, I will explain how I performed the migration while keeping all data and successfully t…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question