Solved

Settin up FTP on ISS Windows7

Posted on 2014-01-16
4
882 Views
Last Modified: 2014-01-19
Hi, I am trying to setup FTP on my local PC.
I have configured my Router to redirect the trafic to my PC.

It works locally, but when using my public ip address I am getting error:
425 Cannot open data connection.

Here is the log:

Connect to: (16/01/2014 13:30:06)
hostname=ip_address
username=username
startdir=
220 Microsoft FTP Service
USER username
331 Password required for username.
PASS ***********
230 User logged in.
SYST
215 Windows_NT
FEAT
211-Extended features supported:
 LANG EN*
 UTF8
 AUTH TLS;TLS-C;SSL;TLS-P;
 PBSZ
 PROT C;P;
 CCC
 HOST
 SIZE
 MDTM
 REST STREAM
211 END
Connect ok!
PWD
257 "/" is current directory.
Get directory
TYPE A
200 Type set to A.
PORT 192,168,0,13,197,86
501 Server cannot accept argument.
PASV
227 Entering Passive Mode (192,168,0,13,197,87).
LIST
150 Opening ASCII mode data connection.
Download
Waiting for server...
425 Cannot open data connection.

Any idea?
0
Comment
Question by:RafalKa
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 3

Accepted Solution

by:
dextermain earned 250 total points
ID: 39785202
1. Are you on a static or dynamic IP connection?
2. Have you tried using passive FTP instead of active (in the case of if you are on a dynamic Ip & sitting behind a firewall)

Try the following that was posted at: http://forums.iis.net/t/1157854.aspx

1: If there is a firewall involved server side check what ports are allowed for FTP Passive mode
2: In IIS set "Data Channel Port Range" under "FTP Firewall Support" to the passive port range gleamed from step 1 (normally this is 49152-65535) (Click on the server not the FTP Site to set the port range)
3: Check the passive port range is actually in effect by opening a command prompt and typing:

netsh int ipv4 show dynamicport tcp

If the range is not as it should be then adjust it with:

netsh int ipv4 set dynamicport tcp <Start Port> <number of ports> persistent

(for the default 49152-65535 this would be 49152 16383)

4: Set your FTP client to use Passive mode

I think the reason for using Passive mode is, with FTP Active mode your router firewall or whatever is expected to find out which port you are using from inspecting the FTP traffic, it cannot do this if the control channel is encrypted so I think you have to use Passive mode FTP.

The problem came when I changed the Passive mode Data Channel Port Range under "FTP Firewall Support" to the silly range the ISP had set up 20000-21000 and it didn't actually update the the ftp server.
0
 
LVL 16

Assisted Solution

by:AlexPace
AlexPace earned 250 total points
ID: 39785836
The problem is clearly shown in the log:

227 Entering Passive Mode (192,168,0,13,197,87)

The server's PASV response includes its private IP address on the 192.168.x.x subnet in the first four numbers.  Change your server configuration so it uses the external public IP address of your firewall in the PASV response.

This problem is so common that some FTP client software programs automatically ignore the address in the PASV response when it is a private address.  Also be sure that the ports are correct.... you can figure out the port by multiplying the fifth number by 256 and then adding the value of the sixth number.  For the PASV response above that would be:
(197 x 256) + 87 = 50519
So your firewall will need to forward an inbound connection request on that port to the computer where the FTP server is actually running.
0
 

Author Comment

by:RafalKa
ID: 39793532
I was testing it from the inside of network. But from the outside it works just fine. Thank you for help anyway.


Best regards
0
 

Author Closing Comment

by:RafalKa
ID: 39793536
Resolved by my self.
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I will show you HOW TO: Perform a Physical to Virtual (P2V) Conversion the easy way from a computer backup (image).
A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
As developers, we are not limited to the functions provided by the VBA language. In addition, we can call the functions that are part of the Windows operating system. These functions are part of the Windows API (Application Programming Interface). U…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question