Solved

Windows ftp client using different port

Posted on 2012-04-06
20
7,594 Views
Last Modified: 2012-06-22
Someone, please help.  A client of ours has an ftp server set up to listen on port 2525 and we are trying to set up an automated posting to this server.  We have no problem using FileZilla doing the post manually, but when we try to post using the command line ftp with a batch file, it fails...the batch file is as follows:

  open ftp.hostname.com 2525
  ftp_user
  ftp_password
  cd import
  binary
  put \send\filename.txt.pgp
  close
  quit

When run from a command line, the response is:

  ftp> open ftp.hostname.com 2525
  Connected to ftp.hostname.com.
  220 ProFTPD 1.3.3c Server (hostname) [123.123.123.123]
  User (ftp.hostname.com:(none)): ftp_user
  331 Password required for ftp_user
  Password:
  230 User ftp_user logged in
  ftp> cd import
  250 CWD command successful
  ftp> binary
  200 Type set to I
  ftp> put \send\filename.txt.pgp
  500 Illegal PORT command
  425 Unable to build data connection: Connection refused
  ftp> Close
  221 Goodbye.
  ftp> Quit

and we end up with a zero-length file on the server...the file is created but the contents are not transferred.

I've tried using other command line apps and get the same result...psftp, winscp, moveit all failed.

Anyone have any ideas??
0
Comment
Question by:Dalexan
  • 7
  • 4
  • 3
  • +4
20 Comments
 
LVL 35

Expert Comment

by:Robert Schutt
ID: 37816936
Have you tried passive mode?

After you connect type:
QUOTE PASV

(haven't needed it myself in a while)
0
 

Author Comment

by:Dalexan
ID: 37817053
pasv is not an option in windows command line ftp...
0
 
LVL 35

Expert Comment

by:Robert Schutt
ID: 37817076
No, but when you use QUOTE PASV it is executed on the server. It must be a firewall problem when data connection is opened on another port. Possibly when you use it interactively it automatically adjusts or it is already configured.
0
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 

Author Comment

by:Dalexan
ID: 37817110
looks like that didn't work...I got '500 Illegal port command' and no ftp> prompt...it's hung.
0
 
LVL 35

Expert Comment

by:Robert Schutt
ID: 37817144
Have you got a way to check if a firewall is blocking the incoming connection?

Also, use the -d switch to debug ftp, on this site it's explained what the PORT debugging means: http://slacksite.com/other/ftp.html
0
 

Author Comment

by:Dalexan
ID: 37817179
No luck...the -d option didn't give any additional info...everything works until I get to the PUT command.  I'd have to check with the client to see if they have a firewall on...but FileZilla works fine for transferring files manually...wouldn't a firewall stop it from working also?
0
 
LVL 38

Expert Comment

by:Gerwin Jansen, EE MVE
ID: 37817196
Hi, I use WinSCP scripting for things like this, here's the documentation: http://winscp.net/eng/docs/scripting
0
 
LVL 35

Expert Comment

by:Robert Schutt
ID: 37817210
Well that's the thing, it could be that the firewall is on the client (your) side because a new connection is opened up to send the data to you. This is not on port 21 or 2525 but a new port.

FileZilla might be configured (or automatically try) to switch modes when necessary. I actually use Total Commander for most of my FTP needs and in there it's just a checkbox in the configuration of a connection.
0
 
LVL 35

Expert Comment

by:Robert Schutt
ID: 37817241
I see I had it backwards, you were right earlier, it would be at the server side, because you're not trying to GET but PUT a file... Some firewalls allow those ports automatically for the FTP protocol, maybe theirs is a bit too strict?
0
 
LVL 35

Expert Comment

by:Robert Schutt
ID: 37817311
When I use "ftp -d" I get this extra info, but the port number is not fixed:

ftp> put tst.txt
---> PORT 192,168,1,33,223,126
200 PORT command successful
---> STOR tst.txt
150 Connecting to port 18419
226-File successfully transferred
0
 
LVL 80

Expert Comment

by:David Johnson, CD, MVP
ID: 37820160
which ftp server is your friend using?

server: Microsoft IIS 7.5
Client c:\windows\ftp.exe

ftpme.txt
o localhost 2525
ftp_user
ftp_pass
bin
hash 
put c:\write-log.ps1
quit

Open in new window


console output
C:\>ftp -s:ftpme.txt
ftp> o localhost 2525
Connected to DavidJohnson-W7.
220 Microsoft FTP Service
User (DavidJohnson-W7:(none)):
331 Password required for ftp_user

230-User logged in.
 Win32 error:   The operation completed successfully.
 Error details: File system returned an error.
230 End
ftp> bin
200 Type set to I.
ftp> hash
Hash mark printing On  ftp: (2048 bytes/hash mark) .
ftp> put c:\write-log.ps1
200 PORT command successful.
125 Data connection already open; Transfer starting.

226 Transfer complete.
ftp: 1006 bytes sent in 0.00Seconds 1006000.00Kbytes/sec.
ftp> quit
221 Goodbye.

C:\>

Open in new window

0
 
LVL 11

Expert Comment

by:Ben Personick
ID: 37823857
Are you certain that the FTP Server is normal FTP?  It may be FTP/SSL (FTPS) or FTP/SSH (SFTP), in either case the connection would not work properly through the normal FTP command.

From what I recall if the server is using either of these encryption methods it would most likely be FTP/SSL since that can allow a regular connection for commands browsing but encrypt just the data portion.

Otherwise the FTP server may be using a special set of ports for data as well as commands, and FTP will try 21 by default.  However if this were the case then your commands should be failing regardless.. So I don;t think that is the case.  (FYI: I believe the Windows CMD Line FTP DOES NOT support Passive, only Active connections, in an Active connection the FTP Client chooses the port it will look for responses back on and talks to the FTP Server's default data port.  In Passive the FTP Server specifies it's data port and tells the client which port it should connect on.)

 It looks like this is the case though, as the FTP account is accepted and we see the port command in debug and then you can try to put the file.

For the "By Hand" Command Line, try NOT using Binary, it's often not necessary, and I have seen using the Binary command lead to Zero Length files.

As for the "Batch File", you cannot put FTP Commands directly in a batch file you must write an FTP Script as a separate file and then put it into the command line argument:

Save the following File as "C:\FTPScript\FTPSend.ftp"
Put the file you want to send in "C:\FTPScriptput\filename.txt.pgp"
Then Run the Command specified after the script file.
Note 1: I have removed the "Binary" command, you can add it back in if necessary.
Note 2: It is possible to make this process work for changing files and directories by creating a batch script which writes the FTP Script and then executes it, I have successfully used this to backup changing file names in different environments.

:: FTP Script name: FTPSend.ftp

"ftp_user"
ftp_password
cd import
put "C:\FTPScript\filename.txt.pgp"
quit

Open in new window

Once you have the above saved in "C:\FTPScript\FTPSend.ftp", just run this command:
FTP -s:"C:\FTPScript\FTPSend.ftp" ftp.hostname.com:2525 

Open in new window

0
 

Author Comment

by:Dalexan
ID: 37823973
The server is 220 ProFTPD 1.3.3c Server
0
 
LVL 11

Expert Comment

by:paultomasi
ID: 37825191
Dalexan

Have you tried:

   open ftp.hostname.com:2525

instead of:

   open ftp.hostname.com 2525

Notice the colon separating the domain name and the port number.
0
 
LVL 35

Expert Comment

by:Robert Schutt
ID: 37831389
Reading this I would say forget about passive mode but make sure port 20 is available, although it might be port 2524 in your case because I've read somewhere that an FTP server might choose the current port number minus 1.
0
 
LVL 80

Expert Comment

by:David Johnson, CD, MVP
ID: 37832807
@Dalexan: awaiting any response from you.
0
 
LVL 8

Expert Comment

by:JT92677
ID: 37858931
I tried this on one of my non-standard port servers, and it doesn't work from the CMD: ftp client.

It looked reasonable up to the CD where the system gave me the Error 500.

Suggestion:
 
Try adding a line in the text response file-- the "quote pasv" line - switches to passive mode.
Prove to yourself it won't work?  How's that for an expert suggestion ?? <<grin>>
Sorry

 open ftp.hostname.com 2525
  ftp_user
  ftp_password
 quote pasv
  cd import
  binary
  put \send\filename.txt.pgp
  close
  quit

ERROR 500

hmmmm
0
 
LVL 11

Accepted Solution

by:
Ben Personick earned 500 total points
ID: 37859269
As I mentioned in my post above, Windows command line does not support Passive.

  I also use the URL:Port nomenclature in my post above; as Paul mentioned afterwards this should be the preferred method.

  However, if the FTP is active then you should still be able to issue commands (which you do), at least so long as they return data (such as a directory listing).

  The fact you are able to issue commands and begin putting the file is promising, as I have seen instances where for some reason putting the file with binary does leave a 0-byte file.

So it might be that you need to put the file ASCII instead of Binary; however, if that does not work, and directory listing also does not work, then it is not possible without a 3rd party FTP Client.

-Q
0
 
LVL 8

Expert Comment

by:JT92677
ID: 37860778
Qcubed - The URL:Port works in the browser, but on the CMD prompt, the syntax for ftp open is a space between the URL and the port number:  URL  PORT  not URL:PORT   Maybe this is because the router is taking the non-standard incoming port, and routing packets to the ftp server, AND changing the port inside the LAN to 21. Maybe that's it? Not sure.

The passive command is a server issue isn't it?  When the user sends Quote pasv it requests that the ftp server go into passive mode. It shouldn't change the client (ftp in the cmd mode). Right?

I've issued the command in Windows version 7 (and earlier versions) and it gets a positive response from the ftp server that it is entering passive mode.

Unfortunately, even in passive mode, the error 500 still comes up on almost all file related requests made to the ftp server.

It will be interesting if ANY solution for the cmd line version of ftp.exe will work with non-standard ports (not 21).

Jeff
0
 
LVL 80

Expert Comment

by:David Johnson, CD, MVP
ID: 37861065
proFtp latest version is 1.3.4a..

It is not a problem with the ftp.exe it works as shown below.

C:\Users\David Johnson>ftp
ftp> o localhost 2525
Connected to DavidJohnson-W7.
220 Microsoft FTP Service
User (DavidJohnson-W7:(none)): David Johnson
331 Password required for David Johnson.
Password:
230-Directory has 171,212,177,408 bytes of disk space available.
230 User logged in.
ftp> put c:\*.txt
200 PORT command successful.
125 Data connection already open; Transfer starting.
226 Transfer complete.
ftp: 12 bytes sent in 0.11Seconds 0.11Kbytes/sec.
ftp> ls
200 PORT command successful.
125 Data connection already open; Transfer starting.
adminfiles
aspnet_client
computers.txt
LocalUser
notepad.ps1
write-log.ps1
226-Directory has 171,214,270,464 bytes of disk space available.
0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A while back when OPSMGR 2012 was released we were very excited about getting it into our environment and upgrading our 2007 implementation,  we started our planning and we then proceeded with our implementation. All went as planned & our system …
Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question