Solved

FTP upload error

Posted on 2011-03-16
36
1,401 Views
Last Modified: 2013-12-02
I am trying to  upload a file to my ftp and I cannot complete the upload due to the following error,
note that the mode must be passive to complete the process.

150 Opening BINARY mode data connection.
> Netout :Software caused connection abort
425 Cannot open data connection.

Can anyone help?
0
Comment
Question by:renegadecy
  • 17
  • 9
  • 9
  • +1
36 Comments
 
LVL 5

Expert Comment

by:meb_santoso
ID: 35148101
it's something on the other end: getting a 150 return code from the FTP server means that there isn't anything wrong with your own end.

The only thing I can think of is that the TCP port number chosen for the data connection is being blocked.

Are you 510% sure that you have the write permisson on the server (is it by any chance an AS/400?)

Try active connection? (yes, I notice that it must be passive mode, but just for the sake of trying)
0
 

Author Comment

by:renegadecy
ID: 35148124
IIS 7 with windows Firewall OFF
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 35148142
Any other firewall between you and the ftp server?
0
 

Author Comment

by:renegadecy
ID: 35148182
cisco asa 5510
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 35148211
Do you have 'inspect ftp' in place in the ASA?
0
 

Author Comment

by:renegadecy
ID: 35148265
no,  shall i enable it?
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 35148270
Please do.
0
 

Author Comment

by:renegadecy
ID: 35148279
I did it, and it crashes  when it goes to passive
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 35148328
Not the ASA I hope?

Could you check the (ASDM) logs when trying to set up the ftp and see if that shows anything.
0
 

Author Comment

by:renegadecy
ID: 35148519
in the description field there is

ftp port command defferent addresss 192.168.1... (IP address) to  another **IP**
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 35148703
Hm, that should mean: A client issued an ftp port command and supplied an address other than the address used in the connection
Is there any other networking device (NATting) in between that might cause problems?
0
 

Author Comment

by:renegadecy
ID: 35148740
nop
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 35148797
What are you using as an ftp client?
0
 

Author Comment

by:renegadecy
ID: 35148827
filezila
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 35148877
What happens if you try another client? Or if you do it from a cmd windows using ftp -d ?
0
 

Author Comment

by:renegadecy
ID: 35148978
yes the same issue
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 35149002
So could you post what's showing when doing the ftp -d session (sanitized) ?
0
 

Author Comment

by:renegadecy
ID: 35149078
sure
ftp> open 192.168.**.***
Connected to 192.168.**.***.
220-Microsoft FTP Service
220 COMPANY NAME
User (192.168. 168.**.***:(none)):
331 Password required for ftp.user@domainname.

230-Welcome to *** FTP Site
    Directory has 232,557,346,816 bytes of disk space available.
230 User logged in.
ftp> bin
200 Type set to I.
ftp> LITERAL PASV
227 Entering Passive Mode (192,168,**,*,***,***).
ftp> put new.bmp
200 PORT command successful.
150 Opening BINARY mode data connection.
> Netout :Software caused connection abort
425 Cannot open data connection.
ftp: 65535 bytes sent in 0,11Seconds 595,77Kbytes/sec.
ftp> quit
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 35

Expert Comment

by:Ernie Beek
ID: 35149229
Just to check, the values under the starts are all the same?

Looking at the ip, are you connecting from the inside or a dmz or the outside?
0
 

Author Comment

by:renegadecy
ID: 35149249
outside behind other  asa
0
 
LVL 16

Expert Comment

by:AlexPace
ID: 35149730
You sent PASV and then sent PORT.  

When you send PASV you ask the server to go into passive mode.  If you look at the server's response  (192,168,**,*,***,***) ... those last 2 numbers after the IP address are the port number that the server was waiting offering up to use for a passive mode transfer.

Then when you did the PUT the software sent a PORT command, which is an Active Mode trasnfer.  If your log was better it would actually show the full port command which is in the same format at the servers PASV response except it is your IP address and the port you are inviting the server to open a connection to you for an Active Mode transfer.

So I guess I am saying that you are not using passive mode at all in this log.  You ask for it.  The server says OK, then you turn around and actually attempt to use active mode instead, and that fails.
0
 

Author Comment

by:renegadecy
ID: 35149921
how did u find that I turn around to active mode instead? ( when the server says ok....)

How can I fix this?


thanks a lot for yiour immediate response
0
 
LVL 16

Expert Comment

by:AlexPace
ID: 35150047
You sent a literal PASV to the server and the server agreed to do it so at least you know that the server is willing to play ball in passive mode.

Unfortunately, the FTP client that generated the log you posted sent a PORT raw ftp command when you used the "put" client verb.  PUT is not a raw ftp command it is a meta command created by the client... it may combine multiple raw ftp commands line one to enable binary mode, another to set active/passive mode, and finally a raw STOR to actually upload the file.
0
 

Author Comment

by:renegadecy
ID: 35150075
what ftp client will u suggest me? and finally fix my issue? How can I configure the cleint
0
 
LVL 16

Expert Comment

by:AlexPace
ID: 35150726
Robo-FTP more of a development tool for creating scripts that do repetitive upload tasks but it has nice logging and a 30-day eval that you could use to at least get a handle on the issue.  Also it defaults to passive mode for all transfers so that should help.  After installing it, type these commands into the console window:  (use server ip, username and password)
TRACELOG "problem_trace.log"
FTPLOGON "192.168.XXX.XXX" /user="MyUserID" /pw="MySecret"  
SENDFILE "readme.txt"
FTPLOGOFF

Open in new window

This should cause Robo-FTP to upload its own readme.txt file to your FTP server... but thats not why you are doing it... what you really want is the log files.  Look under the Robo-FTP installation folder and find a new file named problem_trace.log and it will show the actual low-level raw FTP conversation between the client and the server.  If it fails, post the lower part of the log starting with the PASV command and the server's response so we can help troubleshoot.
0
 

Author Comment

by:renegadecy
ID: 35156068
Please find attached the error

Robo-FTP(4460) v3.7.8.1 TRACE LOG FILE        [ SN: *EVAL* ]

Thu Mar 17 14:40:16  => OS: WIN.NETSRV
Thu Mar 17 14:40:16  => UserName: ********
Thu Mar 17 14:40:22  => Error: Could not read settings for site 192.168.19.** from registry: ServerName: QueryString size failed: The handle is invalid.
Thu Mar 17 14:40:22  => *Logging on to <192.168.19.***> as FTP.
Thu Mar 17 14:40:22  => Connection object created
Thu Mar 17 14:40:22  => wodFtpDLX.dll version 3.0.9.618, wodCertifcate.dll version (null)
Thu Mar 17 14:40:22  => Logging on...
Thu Mar 17 14:40:22  => Connecting to "192.168.*****"...
Thu Mar 17 14:40:22  => Status: Connecting to server
Thu Mar 17 14:40:22  => -<- 220-Microsoft FTP Service
Thu Mar 17 14:40:22  => 220 HELLAS  SAT
Thu Mar 17 14:40:22  => Status: Sending authentication data
Thu Mar 17 14:40:22  => ->- USER username.
Thu Mar 17 14:40:22  => -<- 331 Password required for ftp.user@*****t..
Thu Mar 17 14:40:22  => ->- PASS **********
Thu Mar 17 14:40:22  => -<- 230-Welcome to  FTP Site
Thu Mar 17 14:40:22  => Directory has 232,556,949,504 bytes of disk space available.
Thu Mar 17 14:40:22  => 230 User logged in.
Thu Mar 17 14:40:22  => ->- FEAT
Thu Mar 17 14:40:23  => -<- 211-Extended features supported:
Thu Mar 17 14:40:23  => LANG EN*
Thu Mar 17 14:40:23  => UTF8
Thu Mar 17 14:40:23  => AUTH TLS;TLS-C;SSL;TLS-P;
Thu Mar 17 14:40:23  => PBSZ
Thu Mar 17 14:40:23  => PROT C;P;
Thu Mar 17 14:40:23  => CCC
Thu Mar 17 14:40:23  => HOST
Thu Mar 17 14:40:23  => SIZE
Thu Mar 17 14:40:23  => MDTM
Thu Mar 17 14:40:23  => REST STREAM
Thu Mar 17 14:40:23  => 211 END
Thu Mar 17 14:40:23  => ->- OPTS UTF8 ON
Thu Mar 17 14:40:23  => -<- 200 OPTS UTF8 command successful - UTF8 encoding now ON.
Thu Mar 17 14:40:23  => ->- PWD
Thu Mar 17 14:40:23  => -<- 257 "/" is current directory.
Thu Mar 17 14:40:23  => Status: Connected to server - idle
Thu Mar 17 14:40:23  => Log on successful.
Thu Mar 17 14:40:23  => ->- PWD
Thu Mar 17 14:40:23  => Status: Executing command on the server
Thu Mar 17 14:40:23  => Status: Connected to server - idle
Thu Mar 17 14:40:23  => -<- 257 "/" is current directory.
Thu Mar 17 14:40:23  => RawSend returning 257
Thu Mar 17 14:40:30  => Sending file C:\Users\*****\Documents\Robo-FTP 3.7\Readme.txt as Readme.txt: timeout set to 30
Thu Mar 17 14:40:30  => Status: Sending data to server
Thu Mar 17 14:40:30  => Status: Setting transfer mode
Thu Mar 17 14:40:30  => ->- TYPE I
Thu Mar 17 14:40:30  => -<- 200 Type set to I.
Thu Mar 17 14:40:30  => Status: Changing current directory
Thu Mar 17 14:40:30  => truncating extraneous CWD request
Thu Mar 17 14:40:30  => Status: Sending data to server
Thu Mar 17 14:40:30  => Status: Getting secondary data channel
Thu Mar 17 14:40:30  => ->- PASV
Thu Mar 17 14:40:30  => -<- 227 Entering Passive Mode (192,168,19,1,219,153).
Thu Mar 17 14:40:30  => Status: Sending data to server
Thu Mar 17 14:40:30  => ->- STOR Readme.txt
Thu Mar 17 14:40:30  => -<- 150 Opening BINARY mode data connection.
Thu Mar 17 14:41:01  => Connection timed out. Timeout set to 30
Thu Mar 17 14:41:01  => Status: Disconnected from server
Thu Mar 17 14:41:01  => Error: The current connection has timeout. (10060)
Thu Mar 17 14:41:01  => Error: file transfer failed or incomplete
Thu Mar 17 14:44:52  => <**Console window output suppressed when minimized.
Thu Mar 17 14:44:52  => <**Trace window logging suppressed when minimized.
0
 
LVL 16

Expert Comment

by:AlexPace
ID: 35157457
So it appears your attempt to connect to the server's passive port timed out.  Here is the relevant portion of the log:

Thu Mar 17 14:40:30  => ->- PASV
Thu Mar 17 14:40:30  => -<- 227 Entering Passive Mode (192,168,19,1,219,153).
Thu Mar 17 14:40:30  => Status: Sending data to server
Thu Mar 17 14:40:30  => ->- STOR Readme.txt
Thu Mar 17 14:40:30  => -<- 150 Opening BINARY mode data connection.
Thu Mar 17 14:41:01  => Connection timed out. Timeout set to 30

Your computer sent PASV to request a passive mode transfer.
The server replied saying you should connect to 192.168.19.1 on port 56217 for the data channel.
Your computer timed out trying to connect to port 192.168.19.1 port 56217

So, that is the root problem.  If the server IP is correct then something is blocking that port.  Most likely a firewall... although it does seem strange because 192.168 is a private address range so that server should be "internal" to your network.  Maybe the built-in windows firewall?

0
 
LVL 16

Expert Comment

by:AlexPace
ID: 35157489
Many server programs allow you to specify a port range to use for passive FTP transfers.  If you control the server, specify a range of maybe 100 ports and then make sure there is an exception for that port range in any firewall between the server and client.
0
 

Author Comment

by:renegadecy
ID: 35158775
thanks! the windows firewall on the ftp server is disabled.

but where did u see the  56217 port in the logs?  the 192.168.19.1 is the asa firewall....
0
 
LVL 16

Expert Comment

by:AlexPace
ID: 35161401
The server's response to your request to go into passive mode was:
227 Entering Passive Mode (192,168,19,1,219,153).

This means your client was told to connect to 192.168.19.1 on port 56217

The port number is encoded in those last 2 digits: 219, 153

To decode the, open your calculator program in Scientific or Programmer mode and convert to hex:
219 = DB  (hi byte)
153 = 99  (lo byte)

Now combine them and convert back to decimal:
DB99 = 56217

So now the question remains of why the FTP server would tell you to open a data channel by connecting to the firewall.  It probably didnt.  Most likely your firewall is "ftp protocol aware" meaning that it is snooping on your FTP connection and changing the server response before you get it, acting as a sort of a man-in-the-middle between your computer and the FTP server.  Maybe think of it as a NAT proxy except on a protocol level.  You can probably disable this feature.
0
 

Author Comment

by:renegadecy
ID: 35161513
I have disables the FTP inpect in the ASA....
0
 
LVL 16

Expert Comment

by:AlexPace
ID: 35161548
Many FTP servers allow you to specify an IP address (other than the actual IP address) to use for passive mode.  Prehaps this field is misconfigured on the server.  

Another way to determine if the firewall is changing the value is to enable low-level logging on the FTP server.  Then you could check the server logs for "227 Entering Passive Mode" and verify that the server actually specified the 192.168.19.1 address or if it specified something else that was later changed before arriving at your client.
0
 

Author Comment

by:renegadecy
ID: 35163335
in the FTP server windows firewall is completely disable.
0
 
LVL 16

Expert Comment

by:AlexPace
ID: 35165838
Check the FTP Server's log to verify that the server is actually returning 192.168.19.1 as the passive address.
0
 

Author Comment

by:renegadecy
ID: 35169212
but tihs address is not the ftp server is the asa address...
0
 
LVL 16

Accepted Solution

by:
AlexPace earned 500 total points
ID: 35173458
I understand it isn't the ftp server address.  Either the FTP server is intentionally giving out the wrong address (some FTP servers call this a "passive redirect" address) or some other ftp protocol aware device (or software) is changing the value sent by the FTP server before it reaches the FTP client.

Thats why I said low level FTP Server logs would help because it would allow you to see if the message received by the client matches the one sent by the server... so you can determine if the server is misconfigured or if some other device is "helping" you.
0

Featured Post

Do email signature updates give you a headache?

Do you feel like you are constantly making changes to email signatures? Are the images not formatting how you want them to? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today.

Join & Write a Comment

When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now