SBS 2011 Cannot access FTP frpm outside browsers
Windows SBS 2011 FTP is accessible form inside the domain after I reset the FTP Connect As password after 2 years of non-use. When I try to access the FTP from outside the domain I cannot get in. On a Windows 10 PC with IE 11 I get prompted for the user logon repeatedly while displaying this page cannot be displayed. On a Windows 7 PC with IE 11 it just gives me the message that this page cannot be displayed.
The FTP logs don't say a lot but claim that outside in coming in Anonymously. I have Anonymous disabled in IIS.
The FTP logs don't say a lot but claim that outside in coming in Anonymously. I have Anonymous disabled in IIS.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
When you say outside the domain... do you mean accessing the ftp server from the Internet?
If so, what device controls your firewall/router device?
Dan
If so, what device controls your firewall/router device?
Dan
ASKER
OK, I can access out FTP site internally from the domain. Externally I am able to access it using Filezilla after making sure my firewall rules were correct.
What isn't working is trying to access the ftp site from outside the domain using IE 11
What isn't working is trying to access the ftp site from outside the domain using IE 11
ASKER
When I try to access via a web browser I get prompted for the login information and after entering it I get This Page Can't Be Displayed when accessing outside the domain.
ASKER
Here is the FTP log from successful FileZilla access and failed IE access. I do not know why there are the Anonymous Access messages, I have that disabled but IE is getting a prompt for User and Password before returning the Can't Display message.
u_ex151017-Support.txt
u_ex151017-Support.txt
ASKER
Dan, yes I mean from the internet. I am using Meraki MX 80 firewalls and in performing packet capture I can see everything going through the firewall.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I followed the process and received the following error. The credentials used work in FileZilla
An error occurred opening that folder on the FTP Server. Make sure you have permission to access that folder.
Details:
200 Type Set to A.
227 Entering Passive Mode (10,0,1,10,71,171).
An error occurred opening that folder on the FTP Server. Make sure you have permission to access that folder.
Details:
200 Type Set to A.
227 Entering Passive Mode (10,0,1,10,71,171).
And what user is showing up in the ftp logs now?
You may have to adjust the NTFS permissions on the file system objects that you are trying to access.
Is there some requirement that you have to use IE to do the FTPing? Its not the best ftp client.
Dan
You may have to adjust the NTFS permissions on the file system objects that you are trying to access.
Is there some requirement that you have to use IE to do the FTPing? Its not the best ftp client.
Dan
ASKER
I think it starts with them being familiar with IE and their FTP. I did get them to start using FileZilla today as a workaround.
As far as FTP Clients, they are concerned with asking their clients to download software from the Internet. When you don't use the local option of Show Additional Download Options on FileZilla's website, the client on Sourceforge their button routes you to tries to include a couple of additional pieces of software you have to be sharp enough to opt out of installing. They don't want to be responsible for clients getting malware.
u_ex151017-Support-2.txt
As far as FTP Clients, they are concerned with asking their clients to download software from the Internet. When you don't use the local option of Show Additional Download Options on FileZilla's website, the client on Sourceforge their button routes you to tries to include a couple of additional pieces of software you have to be sharp enough to opt out of installing. They don't want to be responsible for clients getting malware.
u_ex151017-Support-2.txt
ASKER
The FileZilla answer isn't working for their clients. I notice when I use it I get a status:
Server sent passive reply with unroutable address. Using server address instead.
Server sent passive reply with unroutable address. Using server address instead.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
A yes to all three items.
I am not sure if there is a way to get a web browser or a the mapped FTP location in Explorer to work? Is there anything else left to try to make either or both work?
I am not sure if there is a way to get a web browser or a the mapped FTP location in Explorer to work? Is there anything else left to try to make either or both work?
ASKER
Any idea why my FTP site isresponding in Passive mode?
Because passive is the default setting of the client you are using.
If you want explicit connections, you have to configure your client side ftp server connection to use that.
Dan
If you want explicit connections, you have to configure your client side ftp server connection to use that.
Dan
ASKER
I realized what you meant when you said in a previous post it was the FileZilla setting. What I am wondering is if IE and Windows Explorer aren't working because of the same reason, and if so how do you change that from being Passive?
ASKER
While my original issue still exists, with the help of Dan a workaround solution was achieved.
ASKER