Solved

Server 2008 R2 FTP server SNAFU

Posted on 2010-11-08
4
554 Views
Last Modified: 2012-05-10
I have an FTP server configured on an '08 R2 box behind a Cisco ASA 5505.  I have no problems accessing the server internally.  I can telnet from outside into the server on port 21.  When I try to use the web browser (IE8 or Firefox) it prompts me for the credentials and then fails to connect.  I have used both IIS7 and FileZilla (I even tried the FileZilla client) and nothing will connect.  To me, this thing is screaming firewall issue and I think NAT might be getting underfoot, but I cannot find any reason for it.  I have ports 20 and 21 open from outside and they are forwarded right to the server.  I have tried passive and active mode with no avail...any ideas?
0
Comment
Question by:219com
4 Comments
 
LVL 10

Expert Comment

by:jramsier
ID: 34086853
i think firewall.  on the cisco you say you have it fwed.  On the outside try to tellnet port 21 and check the logs on the cisco to see if you got traffic.  If you do it might be the firewall on Windows 2008 R2, ensure that port 21 is open to the public firewall (windows 2008 have muiple section of the firewall)
0
 

Author Comment

by:219com
ID: 34086951
I have disabled the Windows firewall all together.  When I check the ASA logs it is showing the inbound TCP connection to the correct port as does it when I try to connect with the web browser from outside.  It builds and instantly tears down the TCP connection.
0
 
LVL 3

Expert Comment

by:jeffmorlen
ID: 34093123
Within Filezilla you will need to configure the PASV ports to be used.
On the firewall you will need to map those back to the server.

Usually when you get "part" of an FTP server running, it is the firewall that is blocking the communications.  In this case, possibly TCP/UDP traffic on port 20 or PASV ports.
0
 
LVL 9

Accepted Solution

by:
gavving earned 500 total points
ID: 34096711
The ASA needs to have "inspect ftp" enabled.  You might also need the command "ftp mode passive".  \

Have you checked the Windows 2008 FTP server config to ensure that it's setup to allow FTP connections from non-local IP addresses?  

This walkthrough may not completely apply to you, but has some good information:
http://learn.iis.net/page.aspx/309/configuring-ftp-firewall-settings/

0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article will cover setting up redundant ISPs for outbound connectivity on an ASA 5510 (although the same should work on the 5520s and up as well).  It’s important to note that this covers outbound connectivity only.  The ASA does not have built…
Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now