Link to home
Create AccountLog in
Avatar of TedMorey
TedMoreyFlag for United Kingdom of Great Britain and Northern Ireland

asked on

FTP login to new server failing

Hello - I am attempting to setup a new VMWare virtual server sitting behind a NAT firewall - the VM is setup to run Windows Server 2003 and I can successfully connect using remote desktop. One of my first jobs is to get FTP access up and running and this is something I've done several times before - but never previously on a virtual machine or on a server sitting behind a NAT firewall. I've configured the root folder within IIS and set the security settings for that directory to allow the administrator to access it. All well and good so far, but when I try and connect to the FTP server, my client (SmartFTP) log looks like this and the connection fails...

(NOTE: I've replaced the external IP address with x.x.x.x and the IP address of the server behind the NAT firewall with y.y.y.y)

[18:41:36] SmartFTP v4.0.1145.0
[18:41:37] Resolving host name "x.x.x.x"
[18:41:37] Connecting to x.x.x.x Port: 21
[18:41:37] Connected to x.x.x.x.
[18:41:37] 220 Microsoft FTP Service
[18:41:37] USER Administrator
[18:41:37] 331 Password required for Administrator.
[18:41:37] PASS (hidden)
[18:41:37] 230-Hello!
[18:41:37] 230 User Administrator logged in.
[18:41:37] SYST
[18:41:37] 215 Windows_NT
[18:41:37] Detected Server Type: Windows NT
[18:41:37] RTT: 18.316 ms
[18:41:37] FEAT
[18:41:37] 211-FEAT
[18:41:37]     SIZE
[18:41:37]     MDTM
[18:41:37] 211 END
[18:41:37] Detected Server Software: Microsoft IIS FTP Service
[18:41:37] TYPE I
[18:41:37] 200 Type set to I.
[18:41:37] REST 0
[18:41:37] 350 Restarting at 0.
[18:41:37] PWD
[18:41:38] 257 "/" is current directory.
[18:41:38] TYPE A
[18:41:38] 200 Type set to A.
[18:41:38] PORT 192,168,0,5,89,233
[18:41:38] 200 PORT command successful.
[18:41:38] LIST -aL
[18:41:38] 150 Opening ASCII mode data connection for /bin/ls.
[18:41:59] 425 Can't open data connection.
[18:41:59] PASV
[18:41:59] 227 Entering Passive Mode (y,y,y,y,39,18).
[18:41:59] Passive ip address returned from server different from server ip.
[18:41:59] Opening data connection to y,y,y,y,6 Port: 10002
[18:41:59] LIST -aL
[18:42:11] 425 Can't open data connection.
[18:42:41] NOOP
[18:42:41] 200 NOOP command successful.
[18:43:12] NOOP
[18:43:12] 200 NOOP command successful.

Any ideas why this is failing?

Thanks
Ed
Avatar of TedMorey
TedMorey
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

Hello - I've done some more of my own digging and have found the following interesting article...

http://www.smartftp.com/forums/index.php?/topic/16969-can-connect-to-server-from-lan-but-not-wan

This is exactly what I'm seeing and the article tells me it is do with the server sending its local IP address as it's response to the PASV request. Now when I use SmartFTP I can get around this by changing the option discussed in the article - i.e. "Force PASV IP" to Enabled - and everything works fine.

However, my other FTP client software (i.e. that built into Dreamweaver) is nowhere near as sophisticated and fails miserably.

Is there any config in the IIS6 which will allow me to tell the server to pass its external address in response to the PASV request???

Thanks
Ed
ASKER CERTIFIED SOLUTION
Avatar of laughelemental
laughelemental
Flag of United States of America image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
SOLUTION
Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Hi guys - thanks for the input. In the end after chatting it through with my ISP, we decided to disable IIS' FTP server and to install Filezilla instead. Filezilla allows you to specify what external IP port is returned during a PASV data negotiation and it appears to be working fine now.