?
Solved

Users Cannot Connect to FTP Server

Posted on 2011-10-12
10
Medium Priority
?
207 Views
Last Modified: 2012-05-12
Hosting an FTP server on a Windows 2K8 machine.  Previously worked fine until the last week or so - no known changes to the server.  Firewall is verified with port 21 open for FTP services and I double-checked permissions on both the share and the directory security itself.  Outside users get the prompt for user credentials but even after seemingly accepting the login info, it just shows a progress bar at the bottom of IE that never connects.  I can even see the incoming connection in the firewall so I know they get that far.  Tried restarting the FTP service and the entire server and I still get the same result.  Not sure what else to troubleshoot but I need to get it fixed ASAP.  Thanks!
0
Comment
Question by:rohnlawadmin
  • 5
  • 4
10 Comments
 
LVL 14

Accepted Solution

by:
theruck earned 1000 total points
ID: 36956023
try a ftp client instrad of the browser to see the actual error message
0
 
LVL 16

Expert Comment

by:AlexPace
ID: 36956119
If you are prompted to give credentials but can't get past that point then most likely the browser is requesting a directory listing but can't open the data channel to transfer it.
0
 

Author Comment

by:rohnlawadmin
ID: 36956218
How do I correct that and also why would it happen if I made no changes on my end?
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 16

Assisted Solution

by:AlexPace
AlexPace earned 1000 total points
ID: 36956271
It is the client's responsibility to request the data channel.  It can specify Active Mode (tell your server to initiate a connection back to the client) or Passive Mode (request that the server accept an incomming connection.)  If the client changed data modes you don't have any control over it as the server administrator.  The primpary thing you have control over is the range of ports that your server will specify for incomming connections in PASV mode.  If your server is configured to use a passive mode port range that is in use for some other purpose or is partially blocked by your firewall that would be a problem... or if you have new outbound firewall rules preventing you making the active mode connection that might also be your problem but really most likely the issue is on the client side.

Like theruck said above you'll need a real FTP client that can show the error... even better would be one that writes to a protocol-level trace log.
0
 

Author Comment

by:rohnlawadmin
ID: 36956539
Interestingly enough, when I installed CuteFTP from two different remote locations, it connected to our FTP site with no problem whatsoever.  I can't get it to connect outside of that software though and we had users who regularly connected with IE, Mozilla and on Mac computers.  I guess I can tell all the remote people to install and use this software but I'd really like to not have to do that since it was easier just letting them access through a browser.  I know in the past I had to make sure the passive FTP checkbox in Internet Options was unchecked but that isn't the issue this time because I've verified it is turned off (the setting is is supposed to be for our server).
0
 
LVL 16

Expert Comment

by:AlexPace
ID: 36956557
I bet CuteFTP can make a log so why don't you see if it is sending PORT or PASV to open the data channel.... then you'll know which type actually works.  Also, check your server logs to make sure these are the last commands sent from the cleints that DONT work.
0
 

Author Comment

by:rohnlawadmin
ID: 36956568
I just tried again via IE and now it is working.  I didn't do anything on the server end though.  Any idea what would make this happen?
0
 
LVL 16

Expert Comment

by:AlexPace
ID: 36956606
The port range used for the data channel may be partially blocked.  The software tends to increment through the range so maybe you just hit a few blocked ports.  More likely is that someone is tweaking your firewall rules, either at your office or at your ISP.
0
 
LVL 16

Expert Comment

by:AlexPace
ID: 36956610
Check the server logs to compare the PASV or PORT commands sent when it failed vs. when it worked.  You should be able to just search the raw command trace for the string "PASV" or "PORT"
0
 

Author Comment

by:rohnlawadmin
ID: 36956664
I am the only one with access to change anything in the office so maybe it is our ISP.  I'll review the server logs when I get time to see what may be the cause but at least I know what to look for.  Thanks!
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

750 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question