Solved

FTP client cannot connect/find directories

Posted on 2010-11-24
33
1,213 Views
Last Modified: 2012-08-14
Greetings,

I'm trying to connect to ftp site for web development work and for some reason on this particular one, it's having trouble and can't complete the connection.

I've tried all types of connection methods and data modes but none of them work.  I've used FireFTP, FTP Wanderer, SmartFTP and all cannot successfully connect; they continue to make attempts but then eventually quit, some stating the connection timed out.

Incidently, the person I'm working with can connect to the ftp site on his Mac using Fetch and I can also ping the ftp site successfully.

Please let me know what information is needed to troubleshoot this and find a solution because I need to get in there! :(
0
Comment
Question by:max7
  • 15
  • 13
  • 3
  • +1
33 Comments
 
LVL 3

Expert Comment

by:KevinTHayashi
ID: 34208196
While you may be able to ping the IP address, you may not be able to hit port 21.  The best way to test to see if you can get a response is to telnet to that port.

telnet ftp.servername.com 21

If you dont have telnet availabe at the command prompt, then you can use Putty and just change the telnet port to 21 instead of the default 23.  If you connect, you should be able to trp something into the console and see that you are typing it.  If you dont see anything, then you arent connecting to the port.

This would tell you at least if port 21 was limited to specific outside IP's or if you were being blocked for some reason.
0
 
LVL 11

Expert Comment

by:Paul S
ID: 34208211
What OS are you on? if XP from a command line type:

telnet <hostname or ip of ftp server> 21

if it says: connecting to <hostname>.... for a long time then port 21 is not open for your ip or possible ftp is using a non standard tcp port.

if you get a blank screen or some text appears: "Welcome to ftp blah blah..." then the port is open.

If you are on vista or windows 7 the instructions above will work after you go into add/remove windows features and you install "telnet client"

Also I use FileZilla:
http://filezilla-project.org/download.php
0
 
LVL 1

Author Comment

by:max7
ID: 34208467
>>> While you may be able to ping the IP address, you may not be able to hit port 21.  The best way to test to see if you can get a response is to telnet to that port.

When entered "telnet ftp.servername.com 21", I received the following response:

220 (vsFTPd 2.0.1)

What does it mean and how does this guide me to a resolution so I can connect via ftp?
0
 
LVL 1

Author Comment

by:max7
ID: 34208477
>>> What OS are you on? if XP from a command line type:

Sorry that I didn't include this info ... Windows 7 Ultimate 64x on two machines, XP Pro SP3 on another.
0
 
LVL 3

Expert Comment

by:KevinTHayashi
ID: 34208484
That means that you can hit the FTP server.  Now we need to work on authentication.

The Computer Guru 777 suggested using FileZilla, and I would have to agree with him.. Download this program and try to use it instead of the others that you have been trying
0
 
LVL 1

Author Comment

by:max7
ID: 34208500
>>>Also I use FileZilla:
http://filezilla-project.org/download.php

I thought about downloading and giving this a whirl but my thought was, I've used 3 different ftp clients already.  But I guess it couldn't hurt, right?
0
 
LVL 3

Expert Comment

by:KevinTHayashi
ID: 34208501
If you are still not able to connect, please cut and paste the exact error message that you are getting.  Please be sure to change the IP address or Hostname and User name to protect the innocent. :)
0
 
LVL 1

Author Comment

by:max7
ID: 34208722
here is what FileZilla says:

Status:    Resolving address of mydomain.net
Status:    Connecting to myipaddress:21 ...
Status:    Connection established, waiting for welcome message...
Response:    220 (vsFTPd 2.0.1)
Command:    USER myusername
Response:    331 Please specify the password.
Command:    PASS ********
Response:    230 Login successful.
Command:    SYST
Response:    215 UNIX Type: L8
Command:    FEAT
Response:    211-Features:
Response:     EPRT
Response:     EPSV
Response:     MDTM
Response:     PASV
Response:     REST STREAM
Response:     SIZE
Response:     TVFS
Response:    211 End
Status:    Connected
Status:    Retrieving directory listing...
Command:    PWD
Response:    257 "/"
Command:    TYPE I
Response:    200 Switching to Binary mode.
Command:    PASV
Response:    227 Entering Passive Mode (myipaddress,19)
Command:    LIST
Error:    Connection timed out
Error:    Failed to retrieve directory listing
0
 
LVL 2

Assisted Solution

by:markswelch
markswelch earned 100 total points
ID: 34208736
You may need to set the client connection method to Active

See this:
http://slacksite.com/other/ftp.html

HTH
0
 
LVL 3

Expert Comment

by:KevinTHayashi
ID: 34208750
Markswelch, I think you are on the right track, but I believe that is a server setting.
0
 
LVL 3

Expert Comment

by:KevinTHayashi
ID: 34208785
You could always try to force Active in teh FTP client as markswelch suggested.  Under the Account setup in FileZilla, select the "Transfer Settings" tab and select Active instead of Default.
0
 
LVL 1

Author Comment

by:max7
ID: 34208812
>>> You may need to set the client connection method to Active

Using FileZilla, Edit>Settings>FTP>Transfer Mode:  there is a choice between passive (which is recommended) and active.  I selected active.

If this is what you are suggesting I do, it didn't work either.  FileZilla says:

Status:    Resolving address of mydomain.net
Status:    Connecting to myipaddress:21...
Status:    Connection established, waiting for welcome message...
Response:    220 (vsFTPd 2.0.1)
Command:    USER myusername
Response:    331 Please specify the password.
Command:    PASS ********
Response:    230 Login successful.
Status:    Connected
Status:    Retrieving directory listing...
Command:    PWD
Response:    257 "/"
Command:    TYPE I
Response:    200 Switching to Binary mode.
Command:    PORT myports
Response:    200 PORT command successful. Consider using PASV.
Command:    LIST
Error:    Connection timed out
Error:    Failed to retrieve directory listing
0
 
LVL 3

Expert Comment

by:KevinTHayashi
ID: 34208859
Did you try to get a directory listing using Internet Explorer?  Open IE and type in ftp://serverhostiname.com

You should be presented with a username and password.  See if you get  adirectory listing there.
0
 
LVL 1

Author Comment

by:max7
ID: 34208952
>>> Did you try to get a directory listing using Internet Explorer?  Open IE and type in ftp://serverhostiname.com

I tried this in both IE and FF and both failed.  No login window was presented and firefox said "425 Failed to establish connection"

I even tried using Windows Explorer which failed and said:

"An error occurred opening that folder on the FTP Server.  Make sure you have permission to access that folder.  Details: The operation timed out."
0
 
LVL 11

Accepted Solution

by:
Paul S earned 150 total points
ID: 34209158
It sounds like the problem is on the server end and may be beyond your ability to resolve. Maybe their firewall is using IPS or IDS and the firewall sees something in a packet after the initial Authentication that it doesn't like and kills the connections. Can you do a constant ping "ping -t ipaddress" for 10 minutes, then press ctrl+c or ctrl+break to see what the packet loss is?
0
 
LVL 1

Author Comment

by:max7
ID: 34209291
>>>It sounds like the problem is on the server end and may be beyond your ability to resolve.

I am rapidly coming to the same conclusion ...

>>>Can you do a constant ping "ping -t ipaddress" for 10 minutes, then press ctrl+c or ctrl+break to see what the packet loss is?

0% packet loss.
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 3

Expert Comment

by:KevinTHayashi
ID: 34209419
Have you verified the settings against the MAC user that can connect via Fetch?
0
 
LVL 1

Author Comment

by:max7
ID: 34209494
>>> Have you verified the settings against the MAC user that can connect via Fetch?

He told me that for the host, rather than using "ftp.mydomain.net" he simply put "mydomain.net"

Other than that, I've not been made aware of any differences in our setups.
0
 
LVL 3

Assisted Solution

by:KevinTHayashi
KevinTHayashi earned 250 total points
ID: 34209634
At this point, Im at a loss for suggestions.  I too would point to the server; however, the MAC user is able to connect without any issues.

Are you able to connect to other FTP servers without any issues?  Do you get a directory listing if you ftp to: ftp.mozilla.org
0
 
LVL 2

Expert Comment

by:markswelch
ID: 34209649
Is this FTP server on the same LAN as the client?
0
 
LVL 1

Author Comment

by:max7
ID: 34210237
>>>Are you able to connect to other FTP servers without any issues?  Do you get a directory listing if you ftp to: ftp.mozilla.org

Yes to both, which is why this problem (that suddenly appeared) is so perplexing.

>>>Is this FTP server on the same LAN as the client?

When you say the LAN and client, are you referring to the guy who can ftp to this on his Mac or my computer?  I can say for sure the ftp server is not on my LAN but I'm not sure about the Mac ... I will check with the other guy if you think it could be important to figuring this out.
0
 
LVL 2

Expert Comment

by:markswelch
ID: 34213080
This problem has happened to me in the past.  When you can login but cannot transfer or list files it's because the second port cannot establish a connection.  Most of the time it's because the FTP server is set to support passive and the firewall on the client side will not allow that second port to establish from the server to the client.  This is why active is prefered.  Check that link in my previous post.  Using that is how I got through this problem.
0
 
LVL 1

Author Comment

by:max7
ID: 34213778
>>>Most of the time it's because the FTP server is set to support passive and the firewall on the client side will not allow that second port to establish from the server to the client.

If I understand you correctly, you are saying that my firewall is blocking the second port connection attempt from the ftp server.  Is that correct?  If so, I should then be able to see these blocked connection attempts in my firewall logs (I'm using Comodo which monitors fastidiously this activity), but this is not the case -- there are no logs of this nature in my firewall events.

Furthermore, I've set the ftp clients I've used to active connection and the problem persisted ... if there is more ftp configuration necessary, let me know.  I will use whatever ftp client you are most familiar with to make it easier.

But your statement that "most of the time it's because the FTP server is set to support passive ..." is confusing to me when compared to the following statements from that article you provided:

"Active FTP is beneficial to the FTP server admin, but detrimental to the client side admin ... Passive FTP is beneficial to the client, but detrimental to the FTP server admin."

and

"Luckily, there is somewhat of a compromise. Since admins running FTP servers will need to make their servers accessible to the greatest number of clients, they will almost certainly need to support passive FTP."

The last part of the sentence in the last quote "they (the FTP server admins) will almost certainly need to support passive FTP" seems to indicate that FTP servers are not normally set to support passive as you stated in your last comment.  Am I way off base here?

That aside, the least I would like to establish is: do you think this problem is on my side (the client) or the ftp server side?  In other words, is this problem within my power to correct?  If that is the case, and setting my ftp client to active mode is the answer, why does this problem persist even after I make that adjustment?

The article also states the following:

"The exposure of high level ports on the server can be minimized by specifying a limited port range for the FTP server to use. Thus, everything except for this range of ports can be firewalled on the server side. "

Is this perhaps the answer i.e. asking that the FTP server uses only a specific port range and then I configure my FTP client accordingly to target those ports?



0
 
LVL 3

Expert Comment

by:KevinTHayashi
ID: 34213847
I would still point to the FTP server or firewall in front of the FTP server as the issue.  markswelch does have a point though, and I have seen similar issues where the are multiple ports configured for FTP.  Most of the time, this is related to TLS/SSL (FTPES, or FTPS) and runs on port 990 for FTPS and 21 for FTPS.

Again though, the Mac user is using Fetch wich only supports FTP and SFTP.  FTP runs on port 21 and SFTP runs on port 22 (over SSH). You verified that the server is running on port 21 by telnetting to that port (which you got a response in Telnet, which means that it does answer to requests), so I belive that the server is actually only running on that port only.

Try one last thing for me.  Pull up a commnand promt and type:

ftp servernam.com

It is a command based FTP client built into Windows (XP, Vista, and 7).  It should promt you for username and password.  If you are able to connect, type in "ls" to see if you get a directory listing then.
0
 
LVL 3

Expert Comment

by:KevinTHayashi
ID: 34213859
If "ls" doesnt work, you can also try "dir"
0
 
LVL 1

Author Comment

by:max7
ID: 34213925
>>>It should promt you for username and password.

It says "530 Please login with USER and PASS."

question is, in what way do I type it into the cmd prompt so it accepts my username and password?

Is it:

Myusername
Password

?
0
 
LVL 3

Expert Comment

by:KevinTHayashi
ID: 34213965
It should have prompted you for the username and password. Try to use the same method to ftp to ftp.mozilla.org to see what I mean.

The problem is server side, or they have some configuration that they are not telling you.  Just for s&g try using filezilla with the account set to sftp (instead of plain ftp)
0
 
LVL 1

Author Comment

by:max7
ID: 34213970
Ok I figured out the correct format for username and password so I'm in

Now when I type Is or dir, it says:

500 Unknown command.

I'm sure this means I'm typing these commands incorrectly ...
0
 
LVL 3

Expert Comment

by:KevinTHayashi
ID: 34214161
The ftp command is lower case LS and not IS
0
 
LVL 1

Author Comment

by:max7
ID: 34214237
>>>The ftp command is lower case LS and not IS

Ok thanks for correcting me.

So not matter what I type (ls or dir), I always get the response: 500 Unknown command.

I've tried:

ftp>get ls or dir

GET ls or dir

and just

ls or dir

what is the correct syntax?
0
 
LVL 3

Expert Comment

by:KevinTHayashi
ID: 34219743
The correct syntax is just as you typed it. Seems like a server side issue to me at this point. Did you ever try connecting using sftp rather than just ftp?
0
 
LVL 1

Author Comment

by:max7
ID: 34220388
>>>Did you ever try connecting using sftp rather than just ftp?

Yes, and it failed too stating the connection timed out.

I think that's all she wrote on this one.
0
 
LVL 1

Author Closing Comment

by:max7
ID: 34220396
I want to thank all of you for slogging through this one with me.  I think it's safe to say that the problem is on the server side and not on my side at this point.

Thanks again for your patience and tenacity.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
nmap scanner? 7 80
Monitor bandwidth 3 44
RIP Routing 5 48
SBS 2011 wireless nic? & dynamic VPN. 3 16
Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now