Solved

Problems connecting to Filezilla FTP Server

Posted on 2011-03-02
8
2,070 Views
Last Modified: 2013-11-29
I have just moved our set up to a new office and our FTP Server is no longer working. We are behind an office block firewall now and I have got them to open and forward port 32895 to the FTP server. I have configured the client for active FTP and all outgoing ports are open. Here is what I get:

(000011)02/03/2011 20:13:46 - (not logged in) (165.228.155.172)> Connected, sending welcome message...
(000011)02/03/2011 20:13:46 - (not logged in) (165.228.155.172)> 220-FileZilla Server version 0.9.37 beta
(000011)02/03/2011 20:13:46 - (not logged in) (165.228.155.172)> 220-written by Tim Kosse (Tim.Kosse@gmx.de)
(000011)02/03/2011 20:13:46 - (not logged in) (165.228.155.172)> 220 Please visit http://sourceforge.net/projects/filezilla/
(000011)02/03/2011 20:13:46 - (not logged in) (165.228.155.172)> USER tom.white
(000011)02/03/2011 20:13:46 - (not logged in) (165.228.155.172)> 331 Password required for cfep_australia
(000011)02/03/2011 20:13:47 - (not logged in) (165.228.155.172)> PASS *********
(000011)02/03/2011 20:13:47 - cfep_australia (165.228.155.172)> 230 Logged on
(000011)02/03/2011 20:13:47 - cfep_australia (165.228.155.172)> PWD
(000011)02/03/2011 20:13:47 - cfep_australia (165.228.155.172)> 257 "/" is current directory.
(000011)02/03/2011 20:13:48 - cfep_australia (165.228.155.172)> TYPE I
(000011)02/03/2011 20:13:48 - cfep_australia (165.228.155.172)> 200 Type set to I
(000011)02/03/2011 20:13:48 - cfep_australia (165.228.155.172)> PORT 10,0,0,6,194,74
(000011)02/03/2011 20:13:48 - cfep_australia (165.228.155.172)> 200 Port command successful
(000011)02/03/2011 20:13:48 - cfep_australia (165.228.155.172)> MLSD
(000011)02/03/2011 20:13:48 - cfep_australia (165.228.155.172)> 150 Opening data channel for directory list.
(000011)02/03/2011 20:13:59 - cfep_australia (165.228.155.172)> 425 Can't open data connection.

Open in new window


Could anyone share any light on what is happening? Thanks.
0
Comment
Question by:suroma
  • 4
  • 3
8 Comments
 
LVL 6

Expert Comment

by:Bxoz
ID: 35021701
Did you try to connect you from an external system, outside of your LAN.
The router blocks access to its own external address from the inside, due to identifying it as a possible attack

Make sure FileZilla Server is allowed to establish outgoing connections to arbitrary ports, since the client controls which port to use.

http://wiki.filezilla-project.org/Network_Configuration
0
 

Author Comment

by:suroma
ID: 35021869
Yes tested from outside our LAN. How do I allow 'FileZilla Server is allowed to establish outgoing connections to arbitrary ports'?
0
 
LVL 6

Expert Comment

by:Bxoz
ID: 35021994
If you have configure active mode you should allow a range of port
 Settings-activemode.png
0
 

Author Comment

by:suroma
ID: 35022140
Where is this form? I can't find it on Filezilla server. All I have is Passive mode settings.
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 6

Expert Comment

by:Bxoz
ID: 35022629
Ok my mistake it's for the client side.

If your outgoing traffic is block maybe you can try to open the TCP 20 (by default for the DATA) from your ftp server
0
 
LVL 6

Accepted Solution

by:
Bxoz earned 300 total points
ID: 35022750
otherwise try to see what's happen with  Active Ports

http://download.cnet.com/Active-Ports/3000-2651_4-29653.html
0
 
LVL 16

Assisted Solution

by:AlexPace
AlexPace earned 200 total points
ID: 35043793
Your FTP client sent this command:
PORT 10,0,0,6,194,74

That command tells the server to open a data channel back to your client by connecting to 10.0.0.6 on port 49738.

So if the FTP server is external (off the local 10.x.x.x network) it won't be be able to connect or also if port 49738 is blocked by the firewall.
0
 

Author Closing Comment

by:suroma
ID: 35174852
Thanks for the pointers, all sorted.
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now