FTP issue

Posted on 2011-03-14
Last Modified: 2012-05-11
I am trying to transfer a test file test.txt from my Computer to a Linux Server behind a firewall. I am able to connect to the server but I am not able to transfer the file, Below is the error

I have submitted this question earlier, It worked using a FTP client but I want it to work from msdos prompt

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.


C:\>ftp XXX.XXX.128.23
Connected to XXX.XXX.128.23
220 Access to this Computer System is Strictly Regulated and Subject to Criminal
User (XXX.XXX.128.23:(none)): schtz
331 Please specify the password.
230 Login successful.
ftp> put test.txt
500 Illegal PORT command.
> ftp: bind :Unknown error number
ftp> literal passive
500 Unknown command.
ftp> literal pasv
227 Entering Passive Mode (XXX,XXX,128,23,46,224)
ftp> put test.txt
> ftp: bind :Unknown error number

Open in new window

Question by:mnis2008
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +2

Expert Comment

ID: 35129588
You may have to change modes.  Try typing bin for binary and then resend the file.  If that does not work, try typing ascii for ascii before sending.  

Author Comment

ID: 35129609
Both my connection and data ports are open.

ftp> mkdir test
257 "/test" created
ftp> cd test
250 Directory successfully changed.
ftp> ls
500 Illegal PORT command.
ftp: bind :Unknown error number
ftp> cd ..
250 Directory successfully changed.
ftp> ls
ftp: bind :Unknown error number
LVL 68

Expert Comment

ID: 35129849

It seems to be evident that your data port is not open! What makes you think it is?

The messages you posted say that every command using only the control connection works, but any command needing the data connection doesn't.

So please recheck your firewall settings (end-to-end!)

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

LVL 16

Accepted Solution

AlexPace earned 300 total points
ID: 35129913
The data channel is used whenever you transfer a file or request a directory listing.

In that last log you when you sent an "ls" the server replied 500 Illegal PORT command.

That means you attempted to get a directory listing in Active Mode and the server rejected it. This could be for several reasons.  Most likely the server does not allow Active Mode transfers and you'll need to use PASV mode but it could be something less obvious like perhaps your firewall is "protocol aware" with regard to FTP and is modifying the IP address in your PORT command on the fly but it is making a mistake.  To know for sure you'd almost need a copy of the server's log to see what it thinks you sent.

In your first example you sent a literal PASV to request passive mode and the server replied with a positive response and invited you to use port 12000 as the data port for the upload.  Unfortunately the DOS ftp client can't do passive mode as far as I know.

To calculate the port that the server invited you to use, look at the last two numbers in the server's response to the PASV command: 46, 224

Convert them to hex:
46 = 2E
224 = E0

Now combine them: 2EE0

Now convert back to decimal 2EE0 = 12000

The built-in windows calculator can help you do this if you put it in programmer or scientific mode.

Author Comment

ID: 35129916
Hello wmp,

I am able to create a file and navigate inside the folder, So I thought my data port was open, Now I think I am wrong, Is there any test which can tell me that my data connection port is not open.

LVL 16

Expert Comment

ID: 35129936
Oh also don't trust that old RFC that says FTP uses port 20 for the data channel because that was written before the invention of passive mode.

Expert Comment

ID: 35141839
AlexPace is correct, the windows built-in ftp command-line client is not capable of passive mode ftp.

I believe most web browsers (IE, firefox, chrome) use passive mode by default for ftp urls, or quickly switch to passive mode if required. If you get a directory listing using a browser then you should be fine with an ftp client that can deal with passive mode[1]. If not, then the firewall is almost certainly getting in the way.

[1] is one such.


Author Comment

ID: 35142219
Thanks guy for all your information.

I am able to connect to the server in passive mode. Now the question is how can I tell If I have a FTP server that supports passive or active mode. I am using linux and how can this be told.

If there is a provision is there any parameter that I need to turn off/on to switch modes.
LVL 68

Expert Comment

ID: 35142271
Virtually every FTP server supports passive mode.
Some of the have the option to define a port range for passive mode ports.

Which FTP server do you use on Linux?

Check with "man ftpd" on Linux how to display brand and version.
Should be something like "/usr/sbin/ftpd -v" or "...... -version" or "......--version" or "..... --help"


Author Comment

ID: 35142343
I am using vsftpd on linux

 /usr/sbin/vsftpd -v
vsftpd: version 2.0.5

But how can I check if its a ACTIVE OR PASSIVE supported...???
LVL 68

Assisted Solution

woolmilkporc earned 200 total points
ID: 35142380

    Set to NO if you want to disallow the PASV method of obtaining a data connection.
    Set to YES if you want to disable the PASV security check that ensures the data connection
    originates from the same IP address as the control connection.
    The maximum port to allocate for PASV style data connections. Can be used to specify a narrow port
    range to assist firewalling.
    The minimum port to allocate for PASV style data connections. Can be used to specify a narrow
    port range to assist firewalling.

In your Q you quoted a log entry:

ftp> literal pasv
227 Entering Passive Mode (XXX,XXX,128,23,46,224)

This shows that the server accepted passive mode.


Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Trying to install php56 on CentOS 7 get GPG error 5 57
block mails from a particular country in postfix 7 79
SSH setup on ASA 5505 17 121
DB2 9.7 Grant Execute SP 4 59
rdate is a Linux command and the network time protocol for immediate date and time setup from another machine. The clocks are synchronized by entering rdate with the -s switch (command without switch just checks the time but does not set anything). …
In the first part of this tutorial we will cover the prerequisites for installing SQL Server vNext on Linux.
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question