Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

ftp site

Posted on 2013-07-01
13
Medium Priority
?
442 Views
Last Modified: 2013-07-04
Hi,

what is wrong if I can access my ftp site from outside my network but not internally. I can access it anywhere except from the office network which the ftp server is located. Even filezilla client could not connect. any help will be appreciated. thanks

jess
0
Comment
Question by:JessIT2013
  • 4
  • 3
  • 3
  • +2
13 Comments
 
LVL 10

Expert Comment

by:Sam Simon Nasser
ID: 39289464
several issues:
do you have proxy?
try turn off firewall / turn on
in file zilla, try passive / native mode
turn off windows firewall / antivirus

as you can reach it from outside, this means there is a software blocking you when you connect to your office network
0
 

Author Comment

by:JessIT2013
ID: 39289555
there is no proxy. the firewallis and anti virus is turn off. our network have 3 subnets,
192.168.1.xx - ftp server
192.168.2.xx - clients
192.168.3.xx - clients - another building

it was working before. I can access the ftp from 192.168.3.xx network or from my home but i cannot access on 192.168.2.xx network.
0
 
LVL 12

Expert Comment

by:Sandeep
ID: 39289744
There must be something wrong with the routing then.

Check whether you can ping and telnet over 21 22 ports towards FTP server. If it fails then it is network issue. You simply have to check the routing and add routing on your 192.168.2.xx network. It should resolve your problem I guess.
0
Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

 
LVL 11

Expert Comment

by:Sanjay Santoki
ID: 39289757
Hello,

Any restriction of FTP server? Are you connecting through IP address or FQDN?

Regards,
Sanjay Santoki
0
 
LVL 16

Expert Comment

by:AlexPace
ID: 39289876
192.168.x.x is a private network so if you are able to log in from outside does that mean you are using a public address instead?  Perhaps the server software is only listening to the public address.
0
 

Author Comment

by:JessIT2013
ID: 39289961
@reach2sandeep -
yes I can ping the ftp server from 168.2.xx network -no issue pinging the ftp, just can't access it.

@Sanjay
-connecting throuGh FQDN.
0
 
LVL 11

Expert Comment

by:Sanjay Santoki
ID: 39290164
Hello,

I would suggest you to please try with IP address and still if you are facing the issue share FTP client logs.

BTW: are you able to telnet FTPSERVERIP on TCP 21 ?

Regards,
Sanjay Santoki
0
 
LVL 12

Expert Comment

by:Sandeep
ID: 39292123
@JessIT2013 -- In my last post I also asked you to Telnet and advise? As you said you can ping properly then there should not be any routing issue, but could be related tot he ports which may be getting blocked due to which it may not be accessible.

Try this command telnet 192.168.1.xxx 21 and see if it connect or halts at Connecting screen. If this is not through then its Ports issue. You may need to check either on FTP server or Local Machine for any Firewall issues. Try disabling firewall on FTP Server and Client and see if it makes any difference.

Also you can test at below settings

http://i1.iis.net/images/configreference/ftpServer_ipSecurity_howto_1.png?cdn_id=2013-05-01-001

http://i1.iis.net/media/7186606/iis-80-dynamic-ip-address-restrictions-1093-image003.png?cdn_id=2013-05-01-001
0
 

Author Comment

by:JessIT2013
ID: 39292389
@reach2sandeep
yes, I was able to telnet 192.168.1.xxx 21 but if i use this telnet mydomain.com 21, it wont connect from 192.168.2.xxx network.

from 192.168.3.xxx network- using telnet mydomain.com 21 is working here.

-I also disabled the server antivirus and clients PC, connection is still failed.
0
 
LVL 11

Accepted Solution

by:
Sanjay Santoki earned 1500 total points
ID: 39293013
Hello JessIT,

As I have updated in my earlier post; if you are able to connect using with IP address issue must be with the DNS this is what reflect from your last post as well. Just check where mydomain.com is pining and make according change in preferred DNS configuration of the host.

Regards,
Sanjay Santoki
0
 
LVL 12

Expert Comment

by:Sandeep
ID: 39299181
If you are not sure or do not have rights on the DNS Server to add DNS Entry, you can add DNS Entry in Local Host File also.

C:\Windows\System32\Drivers\Etc

Go to above path on your Client PC, and you will find there hosts file. Open that file with Notepad. Make sure you have created backup of it first. Now go to the end of file and add there below entry

192.168.1.xxx     mydomain.com

and Save the file. Between IP and domain name there should be TAB Space (5 Spaces). Now go to command prompt and type ipconfig /flushdns

and now try whether you access the site or not? This would be a Workaround if you do not have DNS Server.

Also it would be worth checking if DNS Server is different for 192.168.3.xxx, if yes you can try to match it by adding it in Additional DNS on 192.168.2.xxx network.

Hope that makes sense.
0
 
LVL 16

Expert Comment

by:AlexPace
ID: 39299584
From inside the network you can connect using the external IP address but you can't connect using the internal private IP address?   Or do both IP addresses connect OK internally and the only problem is DNS resolution?
0
 

Author Comment

by:JessIT2013
ID: 39299863
reach2sandeep and sanjsantoki are both right. It is all about DNS. I forgot to add it in the DNS forward lookup zone. It's all working now. thanks


Jess
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Running classic asp applications under Windows Server 2008 R2 (x64) and IIS 7 is not as easy as one may think. It took me a while to figure it out while getting error 8002801d a few times. After you install the OS you will need to install the fol…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
Despite its rising prevalence in the business world, "the cloud" is still misunderstood. Some companies still believe common misconceptions about lack of security in cloud solutions and many misuses of cloud storage options still occur every day. …

577 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question