Solved

FTP Issue Connecting through Web Browser but not FTP Client

Posted on 2010-08-22
2
821 Views
Last Modified: 2013-11-11
I'm not sure where I'm going wrong here so for the first time since joining a couple of years ago I'm going to actually ask a question.  I'm using Rumpus FTP server on OS X Server 10.5.  It's been running fine for months and now suddenly I've encountered the strangest issue:

While on the network, I'm able to connect via both FTP Client (using Cyberduck) and our external Website which includes a portal for our clients to upload to us.

While external, I can still upload via the web portal but not the client.   All of my users have experienced this.

I've gone back through the logs and Rumpus isn't showing the FTP Client attempts at logging in any way.   Now, my initial thought would be that this is some sort of a firewall issue but nothing has changed and I don't see anything abnormal.   Has anyone run into anything like this or have any troubleshooting suggestions?

I appreciate it!
0
Comment
Question by:Christian808
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 8

Accepted Solution

by:
et01267 earned 125 total points
ID: 33496749
How is your network connected to the internet?  If, in fact, nothing -- about your client, server, or intervening network equipment that you control -- has changed, then it must be either the ISP that you are connecting from or the ISP that your server is connected to.

It's possible that your ISP has suddenl started blocking FTP ports.  And this is the most likely possibility if "all of [your] users have experienced this".

However, if the assumption is incorrect that nothing has changed, then you might be having problems with passive vs active connections, and possibly "extended passive" issues as well.

I would suggest using the terminal FTP client ('ftp') and start it with

ftp -d user@your-server-address

which enables debugging. If you have trouble connecting, you might get some info.  Next try with the "-p" flag (for passive), the "-A" flag (force active), and finally, if you get connected but can't transfer anything, try giving the command epsv4 at the ftp> prompt (toggle the use of the extended EPSV and EPRT).

I presume that your Web FTP server is running on some port other than the standard FTP port, which is why you can get through.

If possible, I would suggest changing the external FTP port on your firewall and map it to the normal ports on the inside pointing to your server.  The tricky thing about FTP is it actually runs on 2 ports: 21 for control, and 20 for data.

The other thing is that FTP is inherently insecure.  You should use sftp instead.
0
 

Author Comment

by:Christian808
ID: 33502148
Thank you for the advice, as it actually turns out our Checkpoint Firewall had randomly re-assigned the IP Address that had we had been using for the forward.   Not sure why it decided to do that other than it must have been bored with the old one :D

Still you gave me the best direction to check thanks!!!
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Syslogd is a utility that traps and logs messages sent by running processes. It is configured with the syslog.conf file, which consists of lines containing a pair of fields: "the selector field which specifies the types of messages and priorities to…
Worried about if Apple can protect your documents, photos, and everything else that gets stored in iCloud? Read on to find out what Apple really uses to make things secure.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question