Solved

ftp site

Posted on 2013-07-01
13
430 Views
Last Modified: 2013-07-04
Hi,

what is wrong if I can access my ftp site from outside my network but not internally. I can access it anywhere except from the office network which the ftp server is located. Even filezilla client could not connect. any help will be appreciated. thanks

jess
0
Comment
Question by:JessIT2013
  • 4
  • 3
  • 3
  • +2
13 Comments
 
LVL 10

Expert Comment

by:Sam Simon Nasser
ID: 39289464
several issues:
do you have proxy?
try turn off firewall / turn on
in file zilla, try passive / native mode
turn off windows firewall / antivirus

as you can reach it from outside, this means there is a software blocking you when you connect to your office network
0
 

Author Comment

by:JessIT2013
ID: 39289555
there is no proxy. the firewallis and anti virus is turn off. our network have 3 subnets,
192.168.1.xx - ftp server
192.168.2.xx - clients
192.168.3.xx - clients - another building

it was working before. I can access the ftp from 192.168.3.xx network or from my home but i cannot access on 192.168.2.xx network.
0
 
LVL 12

Expert Comment

by:Sandeep
ID: 39289744
There must be something wrong with the routing then.

Check whether you can ping and telnet over 21 22 ports towards FTP server. If it fails then it is network issue. You simply have to check the routing and add routing on your 192.168.2.xx network. It should resolve your problem I guess.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 11

Expert Comment

by:Sanjay Santoki
ID: 39289757
Hello,

Any restriction of FTP server? Are you connecting through IP address or FQDN?

Regards,
Sanjay Santoki
0
 
LVL 16

Expert Comment

by:AlexPace
ID: 39289876
192.168.x.x is a private network so if you are able to log in from outside does that mean you are using a public address instead?  Perhaps the server software is only listening to the public address.
0
 

Author Comment

by:JessIT2013
ID: 39289961
@reach2sandeep -
yes I can ping the ftp server from 168.2.xx network -no issue pinging the ftp, just can't access it.

@Sanjay
-connecting throuGh FQDN.
0
 
LVL 11

Expert Comment

by:Sanjay Santoki
ID: 39290164
Hello,

I would suggest you to please try with IP address and still if you are facing the issue share FTP client logs.

BTW: are you able to telnet FTPSERVERIP on TCP 21 ?

Regards,
Sanjay Santoki
0
 
LVL 12

Expert Comment

by:Sandeep
ID: 39292123
@JessIT2013 -- In my last post I also asked you to Telnet and advise? As you said you can ping properly then there should not be any routing issue, but could be related tot he ports which may be getting blocked due to which it may not be accessible.

Try this command telnet 192.168.1.xxx 21 and see if it connect or halts at Connecting screen. If this is not through then its Ports issue. You may need to check either on FTP server or Local Machine for any Firewall issues. Try disabling firewall on FTP Server and Client and see if it makes any difference.

Also you can test at below settings

http://i1.iis.net/images/configreference/ftpServer_ipSecurity_howto_1.png?cdn_id=2013-05-01-001

http://i1.iis.net/media/7186606/iis-80-dynamic-ip-address-restrictions-1093-image003.png?cdn_id=2013-05-01-001
0
 

Author Comment

by:JessIT2013
ID: 39292389
@reach2sandeep
yes, I was able to telnet 192.168.1.xxx 21 but if i use this telnet mydomain.com 21, it wont connect from 192.168.2.xxx network.

from 192.168.3.xxx network- using telnet mydomain.com 21 is working here.

-I also disabled the server antivirus and clients PC, connection is still failed.
0
 
LVL 11

Accepted Solution

by:
Sanjay Santoki earned 500 total points
ID: 39293013
Hello JessIT,

As I have updated in my earlier post; if you are able to connect using with IP address issue must be with the DNS this is what reflect from your last post as well. Just check where mydomain.com is pining and make according change in preferred DNS configuration of the host.

Regards,
Sanjay Santoki
0
 
LVL 12

Expert Comment

by:Sandeep
ID: 39299181
If you are not sure or do not have rights on the DNS Server to add DNS Entry, you can add DNS Entry in Local Host File also.

C:\Windows\System32\Drivers\Etc

Go to above path on your Client PC, and you will find there hosts file. Open that file with Notepad. Make sure you have created backup of it first. Now go to the end of file and add there below entry

192.168.1.xxx     mydomain.com

and Save the file. Between IP and domain name there should be TAB Space (5 Spaces). Now go to command prompt and type ipconfig /flushdns

and now try whether you access the site or not? This would be a Workaround if you do not have DNS Server.

Also it would be worth checking if DNS Server is different for 192.168.3.xxx, if yes you can try to match it by adding it in Additional DNS on 192.168.2.xxx network.

Hope that makes sense.
0
 
LVL 16

Expert Comment

by:AlexPace
ID: 39299584
From inside the network you can connect using the external IP address but you can't connect using the internal private IP address?   Or do both IP addresses connect OK internally and the only problem is DNS resolution?
0
 

Author Comment

by:JessIT2013
ID: 39299863
reach2sandeep and sanjsantoki are both right. It is all about DNS. I forgot to add it in the DNS forward lookup zone. It's all working now. thanks


Jess
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn about cloud computing and its benefits for small business owners.
A phishing scam that claims a recipient’s credit card details have been “suspended” is the latest trend in spoof emails.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question