Solved

FTP over vpn points

Posted on 2011-03-07
8
1,289 Views
Last Modified: 2013-12-27
Trying to transfer a file through ftp from one VPN point A to VPN point B.

ftp
open ip-for-point-A
ftp> put c:\posdata\002\FORHTA02.TXT forhta
501 IP Address for data destination doesn't match client's.
425      No data connection
: The type of socket is not supported in this protocol family.

the operating system from on point a is IBM AIX and the one in point b is WINDOWS XP.

any ideas?

0
Comment
Question by:vlachosg
  • 5
  • 2
8 Comments
 
LVL 10

Expert Comment

by:lucius_the
ID: 35062183
Before the transfer, try to switch to FTP passive mode. The command issued before the transfer is PASV.
0
 
LVL 10

Expert Comment

by:lucius_the
ID: 35062195
Hm hm... The biult in Windows FTP client doesn't seem to support passive mode FTP. Try using Total Commander (http://www.ghisler.com/download.htm) or some other program.
0
 
LVL 10

Expert Comment

by:dfke
ID: 35062204
Is the Windows XP in a Vmware environment? If so change network type from nat to brigde mode.  If using FTP from a machine which doesn't have a correct IP address such as private network, try setting up the IP address correctly.
0
 

Author Comment

by:vlachosg
ID: 35062571
It is a real Windows XP not a virtual machine.

trying passive

ftp> quote pasv
227 Entering Passive Mode (192,168,11,1,131,196)
ftp> put c:\posdata\002\forhta02.txt forhta

...never ended


trying total commander it transfered the file.

The problem is that I have scrips already running from the command line that will need the native ftp windows client to work. Otherwise I ll need to find a way of running totalcommander's ftp from the command line?

Any ideas?

0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 10

Expert Comment

by:lucius_the
ID: 35062639
Yes, use anohter command line client - I used ftps.exe, gimme a moment to find the link...
0
 
LVL 10

Accepted Solution

by:
lucius_the earned 500 total points
ID: 35062673
Yep. Here it is: http://www.ipswitchft.com/products/moveitFreely/index.aspx

Try with that, works well for me, I do daily backups with it. It also supports FTPS (SSL/TLS certificates) and is scriptable, you can provide it a text file with command in it.
0
 

Author Comment

by:vlachosg
ID: 35062719
so just out of curiosity why isn't it working with the freaking native win xp ftp client?
0
 
LVL 10

Expert Comment

by:lucius_the
ID: 35062801
I don't know actually. I've read that windows FTP client doesn't work well on passive mode transfers, and never really digged :)

FTP is an old protocol. It was designed to be used in early Internet, when all computers on the network had a fixed (public) IP address and there were no firewalls - all ports were accessible. Then, with time, firewall started to block ports, and things like NAT devices were invented, so that more computers in LAN could share a single public IP address. That's when the default (active) FTP stopped working and passive FTP was the way around - it enables client devices to connect to FTP server when opening data links and not the other way around which is the case with active FTP - since that won't work behind firewalls and NAT devices.

But, as FTP is probably as old as Internet, and there are other, better ways of transfering files... I guess nobody at Microsoft bothered to support this more than "declaratively". And so we have a partially working client built in, one that works in LAN, but doesn't work well in other situations ;)
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Suggested Solutions

In this article we will discuss all things related to StageFright bug, the most vulnerable bug of android devices.
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now