[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 403
  • Last Modified:

Passive Failure and Timeout while waiting for connection

Hi,
I'm hoping you can help with some connectivity issues. We have a custom script that we run on our clients computers in order to move files onto and off of our ftp server. It works great for all of our clients except one.

We are getting several error messages.
Timeout while waiting for connection
Passive Failure
425 Unable to open the data connection

The connection seems fine up to that point, with "opening data connection" and then Transfer Complete messages before the ones above.

I know there is other information that might be helpful, but I figure since it works for all our clients except one, the ftp server should not be the cause of the issue...am I wrong?

Thanks in advance!
Masterworks
 
Posts: 1
Joined: Mon Oct 24, 2011 5:51 pm
0
Masterworks-Helpdesk
Asked:
Masterworks-Helpdesk
  • 3
  • 3
  • 2
  • +1
1 Solution
 
LesterClaytonCommented:
From the sounds of things you are having the classic double-NAT issue.

I wrote an article on how to set up an FTP server to support both Passive mode and Port mode.  You could try to make your server support both, so that the clients can use either mode to connect to your server.

http://www.experts-exchange.com/A_7833.html
0
 
Andrej PirmanCommented:
First to check...FTP server concurent connections. Might be default 10 simultaneous connections, thus hitting the limit with this client.

Another thing is to DISABLE FIREWALL on client...test and see if it helps.
Maybe once ago, when script was first started, firewall popped-up warning whether to allow FTP cilent connection to internet, and somebody clicked DENY...

Then disable/enable PASV client FTP mode.

It might also be misconfigured FIREWALL on SERVER for passive mode. Firewall needs to have opened, for example, 100-200 high-ports for passive connection. Maybe FTP server is setup to use ports, for example, from 10100 to 10300 and firewall on server only opened for ports 10100-10200. Check it out.
0
 
AlexPaceCommented:
Get the passive port range from the server software and then notify the person responsible for the client-side firewall that the FTP client will need to be able to make outgoing connections to your FTP server on ports in that range.  
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Masterworks-HelpdeskAuthor Commented:
Thanks for the responses.  Keep in mind that this issue only exists for this one client out of ten clients.  And the ftp scripting on the client is the same script on all clients.  So I'm thinking it likely is not a server side issue...must be client side.
0
 
Andrej PirmanCommented:
Did you try suggestions:
- turn OFF firewall on client and see if any difference
- tunr OFF antivirus on client side...
- ...REBOOT and see if any differenxce

You say FTP script. But which FTP client is in use?
Is it the same FTP client on all machines?

Does this FTP client connect manually, without script?

0
 
AlexPaceCommented:
Based on the information provided you can't  be 100% sure it is the client.  For example if your firewall allows client access by source IP address or range and all the other clients have access to any port but this one particular client only has access to port 21 then he could connect to the FTP server but then fail to open any passive mode data channels... so if your firewall is white-listing FTP clients it could be misconfigured for this one.  You could rule this out with a packet trace at your firewall... see if you are ever seeing his incomming TCP connection attempt on the port your server returned in its response to the PASV command.

0
 
Andrej PirmanCommented:
also...check BANNED IPs on FTP. It might be this client was by mistake using wrong credentials once, and it is banned.
0
 
Masterworks-HelpdeskAuthor Commented:
We have moved on from this issue.  Thanks to all for the helpful feedback.
0
 
Masterworks-HelpdeskAuthor Commented:
We have moved on from this issue.  Thanks to all for the helpful feedback.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 3
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now