Solved

Settin up FTP on ISS Windows7

Posted on 2014-01-16
4
908 Views
Last Modified: 2014-01-19
Hi, I am trying to setup FTP on my local PC.
I have configured my Router to redirect the trafic to my PC.

It works locally, but when using my public ip address I am getting error:
425 Cannot open data connection.

Here is the log:

Connect to: (16/01/2014 13:30:06)
hostname=ip_address
username=username
startdir=
220 Microsoft FTP Service
USER username
331 Password required for username.
PASS ***********
230 User logged in.
SYST
215 Windows_NT
FEAT
211-Extended features supported:
 LANG EN*
 UTF8
 AUTH TLS;TLS-C;SSL;TLS-P;
 PBSZ
 PROT C;P;
 CCC
 HOST
 SIZE
 MDTM
 REST STREAM
211 END
Connect ok!
PWD
257 "/" is current directory.
Get directory
TYPE A
200 Type set to A.
PORT 192,168,0,13,197,86
501 Server cannot accept argument.
PASV
227 Entering Passive Mode (192,168,0,13,197,87).
LIST
150 Opening ASCII mode data connection.
Download
Waiting for server...
425 Cannot open data connection.

Any idea?
0
Comment
Question by:RafalKa
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 3

Accepted Solution

by:
dextermain earned 250 total points
ID: 39785202
1. Are you on a static or dynamic IP connection?
2. Have you tried using passive FTP instead of active (in the case of if you are on a dynamic Ip & sitting behind a firewall)

Try the following that was posted at: http://forums.iis.net/t/1157854.aspx

1: If there is a firewall involved server side check what ports are allowed for FTP Passive mode
2: In IIS set "Data Channel Port Range" under "FTP Firewall Support" to the passive port range gleamed from step 1 (normally this is 49152-65535) (Click on the server not the FTP Site to set the port range)
3: Check the passive port range is actually in effect by opening a command prompt and typing:

netsh int ipv4 show dynamicport tcp

If the range is not as it should be then adjust it with:

netsh int ipv4 set dynamicport tcp <Start Port> <number of ports> persistent

(for the default 49152-65535 this would be 49152 16383)

4: Set your FTP client to use Passive mode

I think the reason for using Passive mode is, with FTP Active mode your router firewall or whatever is expected to find out which port you are using from inspecting the FTP traffic, it cannot do this if the control channel is encrypted so I think you have to use Passive mode FTP.

The problem came when I changed the Passive mode Data Channel Port Range under "FTP Firewall Support" to the silly range the ISP had set up 20000-21000 and it didn't actually update the the ftp server.
0
 
LVL 16

Assisted Solution

by:AlexPace
AlexPace earned 250 total points
ID: 39785836
The problem is clearly shown in the log:

227 Entering Passive Mode (192,168,0,13,197,87)

The server's PASV response includes its private IP address on the 192.168.x.x subnet in the first four numbers.  Change your server configuration so it uses the external public IP address of your firewall in the PASV response.

This problem is so common that some FTP client software programs automatically ignore the address in the PASV response when it is a private address.  Also be sure that the ports are correct.... you can figure out the port by multiplying the fifth number by 256 and then adding the value of the sixth number.  For the PASV response above that would be:
(197 x 256) + 87 = 50519
So your firewall will need to forward an inbound connection request on that port to the computer where the FTP server is actually running.
0
 

Author Comment

by:RafalKa
ID: 39793532
I was testing it from the inside of network. But from the outside it works just fine. Thank you for help anyway.


Best regards
0
 

Author Closing Comment

by:RafalKa
ID: 39793536
Resolved by my self.
0

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
A small collection of useful tips and tricks for Windows 10 users that I decided to write as a result of recent questions that were asked and answered at Experts Exchange. Two short video tutorials included. Enjoy..
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question