Solved

Filezilla client unable to get directory listing from a Windows Filezilla Server

Posted on 2014-02-04
3
957 Views
Last Modified: 2014-02-04
I am connected from a Windows 7 workstation that has FTP Filezilla Client installed. I am connecting to a Windows Server 2003 via a Hardware Firewall VPN that has Filezilla Server installed. I am able to connect to the server but I am not able to see the directory listing of the folders. On the server the local windows firewall is not running so I am unsure what is at fault. I am able to commit to the FTP Folder, just not able to review the listing directory.
0
Comment
Question by:GenieMaster
3 Comments
 
LVL 17

Expert Comment

by:Kent Dyer
ID: 39832410
Reading this..  First immediate thought that comes to mind is permissions..  The other immediate thought is FTP and then SFTP..  What are the permissions?  What ports is the FTP/SFTP server working with?  Is it port 21 or port 22?  If it is port 22, do you have a valid ssl cert configured and setup?
0
 

Author Comment

by:GenieMaster
ID: 39832538
The port the FTP server is listening on is Port 21

I have read something about that you may need to set it up in Passive Mode in order for it to work correctly but am unsure on how to set this up.

On Filezilla it says
"Use custom PASV settings if you are operating the server from behind a NAT router or a firewall. In that case, the IP address of the server is not accessible from outside of the router, so you should fill in the correct address here. Use the port range to limit the number of ports that will need to be forwarded through the router."
0
 
LVL 16

Accepted Solution

by:
AlexPace earned 250 total points
ID: 39832812
The connection and user authentication happens on the port 21 control channel.  

To get a directory listing, the client sends the LIST verb on the control channel but then actually receives the listing on a data channel connection that is negotiated on an as needed basis by sending either the PORT or PASV command.

The PORT command is sent when the client wants an Active Mode data channel and obviously PASV for Passive Mode.

In Active Mode, your network security must be configured to allow the server to initiate an inbound connection back to the client machine.  If your client machine has a private address, for example in the 10.x.x.x or 192.168.x.x ranges, then your client either needs to send a public address or your firewall will need to snoop the control channel and replace the private address with a public address on the fly...  This used to be a high-end feature but these days consumer-grade NAT routers can do it.

In Passive Mode, your network security must be configured to allow your client machine to make an outbound connection to any port in the server's passive port range.  You don't know what port it will be until the server responds to the client's PASV request.

For either mode, the IP address and port number are represented as a set of six comma-separated numbers.  The first four numbers is the IP address.  The last 2 numbers represent the port number.  Sometimes you need to calculate the exact port for troubleshooting purposes... to do that multiply the 5th number by 256 and then add the value of the 6th number.  It will be a number higher than 1024 and less than 65536.  The administrator of the remote FTP server should be able to tell you their passive port range so you don't have to guess when you make your pinhole in the firewall.
0

Featured Post

Courses: Start Training Online With Pros, Today

Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
Over the past decade, as Internet security has become a chief concern of IT professionals, one of the most common questions administrators and users ask is, “Which is more secure, SFTP or FTPS?” In short, both file transfer protocols offer a high…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now