Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 828
  • Last Modified:

FTP Issue Connecting through Web Browser but not FTP Client

I'm not sure where I'm going wrong here so for the first time since joining a couple of years ago I'm going to actually ask a question.  I'm using Rumpus FTP server on OS X Server 10.5.  It's been running fine for months and now suddenly I've encountered the strangest issue:

While on the network, I'm able to connect via both FTP Client (using Cyberduck) and our external Website which includes a portal for our clients to upload to us.

While external, I can still upload via the web portal but not the client.   All of my users have experienced this.

I've gone back through the logs and Rumpus isn't showing the FTP Client attempts at logging in any way.   Now, my initial thought would be that this is some sort of a firewall issue but nothing has changed and I don't see anything abnormal.   Has anyone run into anything like this or have any troubleshooting suggestions?

I appreciate it!
0
Christian808
Asked:
Christian808
1 Solution
 
et01267Commented:
How is your network connected to the internet?  If, in fact, nothing -- about your client, server, or intervening network equipment that you control -- has changed, then it must be either the ISP that you are connecting from or the ISP that your server is connected to.

It's possible that your ISP has suddenl started blocking FTP ports.  And this is the most likely possibility if "all of [your] users have experienced this".

However, if the assumption is incorrect that nothing has changed, then you might be having problems with passive vs active connections, and possibly "extended passive" issues as well.

I would suggest using the terminal FTP client ('ftp') and start it with

ftp -d user@your-server-address

which enables debugging. If you have trouble connecting, you might get some info.  Next try with the "-p" flag (for passive), the "-A" flag (force active), and finally, if you get connected but can't transfer anything, try giving the command epsv4 at the ftp> prompt (toggle the use of the extended EPSV and EPRT).

I presume that your Web FTP server is running on some port other than the standard FTP port, which is why you can get through.

If possible, I would suggest changing the external FTP port on your firewall and map it to the normal ports on the inside pointing to your server.  The tricky thing about FTP is it actually runs on 2 ports: 21 for control, and 20 for data.

The other thing is that FTP is inherently insecure.  You should use sftp instead.
0
 
Christian808Author Commented:
Thank you for the advice, as it actually turns out our Checkpoint Firewall had randomly re-assigned the IP Address that had we had been using for the forward.   Not sure why it decided to do that other than it must have been bored with the old one :D

Still you gave me the best direction to check thanks!!!
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now