Solved

Settin up FTP on ISS Windows7

Posted on 2014-01-16
4
867 Views
Last Modified: 2014-01-19
Hi, I am trying to setup FTP on my local PC.
I have configured my Router to redirect the trafic to my PC.

It works locally, but when using my public ip address I am getting error:
425 Cannot open data connection.

Here is the log:

Connect to: (16/01/2014 13:30:06)
hostname=ip_address
username=username
startdir=
220 Microsoft FTP Service
USER username
331 Password required for username.
PASS ***********
230 User logged in.
SYST
215 Windows_NT
FEAT
211-Extended features supported:
 LANG EN*
 UTF8
 AUTH TLS;TLS-C;SSL;TLS-P;
 PBSZ
 PROT C;P;
 CCC
 HOST
 SIZE
 MDTM
 REST STREAM
211 END
Connect ok!
PWD
257 "/" is current directory.
Get directory
TYPE A
200 Type set to A.
PORT 192,168,0,13,197,86
501 Server cannot accept argument.
PASV
227 Entering Passive Mode (192,168,0,13,197,87).
LIST
150 Opening ASCII mode data connection.
Download
Waiting for server...
425 Cannot open data connection.

Any idea?
0
Comment
Question by:RafalKa
  • 2
4 Comments
 
LVL 3

Accepted Solution

by:
dextermain earned 250 total points
ID: 39785202
1. Are you on a static or dynamic IP connection?
2. Have you tried using passive FTP instead of active (in the case of if you are on a dynamic Ip & sitting behind a firewall)

Try the following that was posted at: http://forums.iis.net/t/1157854.aspx

1: If there is a firewall involved server side check what ports are allowed for FTP Passive mode
2: In IIS set "Data Channel Port Range" under "FTP Firewall Support" to the passive port range gleamed from step 1 (normally this is 49152-65535) (Click on the server not the FTP Site to set the port range)
3: Check the passive port range is actually in effect by opening a command prompt and typing:

netsh int ipv4 show dynamicport tcp

If the range is not as it should be then adjust it with:

netsh int ipv4 set dynamicport tcp <Start Port> <number of ports> persistent

(for the default 49152-65535 this would be 49152 16383)

4: Set your FTP client to use Passive mode

I think the reason for using Passive mode is, with FTP Active mode your router firewall or whatever is expected to find out which port you are using from inspecting the FTP traffic, it cannot do this if the control channel is encrypted so I think you have to use Passive mode FTP.

The problem came when I changed the Passive mode Data Channel Port Range under "FTP Firewall Support" to the silly range the ISP had set up 20000-21000 and it didn't actually update the the ftp server.
0
 
LVL 16

Assisted Solution

by:AlexPace
AlexPace earned 250 total points
ID: 39785836
The problem is clearly shown in the log:

227 Entering Passive Mode (192,168,0,13,197,87)

The server's PASV response includes its private IP address on the 192.168.x.x subnet in the first four numbers.  Change your server configuration so it uses the external public IP address of your firewall in the PASV response.

This problem is so common that some FTP client software programs automatically ignore the address in the PASV response when it is a private address.  Also be sure that the ports are correct.... you can figure out the port by multiplying the fifth number by 256 and then adding the value of the sixth number.  For the PASV response above that would be:
(197 x 256) + 87 = 50519
So your firewall will need to forward an inbound connection request on that port to the computer where the FTP server is actually running.
0
 

Author Comment

by:RafalKa
ID: 39793532
I was testing it from the inside of network. But from the outside it works just fine. Thank you for help anyway.


Best regards
0
 

Author Closing Comment

by:RafalKa
ID: 39793536
Resolved by my self.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I will show you HOW TO: Perform a Physical to Virtual (P2V) Conversion the easy way from a computer backup (image).
As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question