FTP Client wont connect properly, firewall issue

Maljonic

Maljonic

Can't get enough of FH
Joined
Dec 22, 2003
Messages
1,297
There's this one server that I can't connect to unless I switch sygate personal firewall to allow all. If I leave it on normal it connects and accepts my username and password but then says the following:

Code: 
500 'P@SW': command not understood
STATUS:>  	PASV failed, trying PORT.
COMMAND:>	PORT 10,0,0,13,14,172
		200 PORT command successful.
COMMAND:>	LIST
		150 Opening ASCII mode data connection for /bin/ls.
ERROR:>   	Timeout (30000 ms) occurred on accepting data connection from server.
STATUS:>  	Waiting 0 seconds...
		425 Can't open data connection.
ERROR:>   	Trashed response received.

Any Ideas why it does this. It's only one out of dozens of sites that have this problem. It's also the only one running asp scripts on a windows server if that makes any difference?
 
nath

nath

Fledgling Freddie
Joined
Dec 22, 2003
Messages
8,009
Because FTP stuff is all about inbound and outbound connections, it's likely your firewall is being tetchy and doesn't allow it. There should be an option within it to allow/trust your FTP client. That should sort it out.
 
wyrd_fish

wyrd_fish

Fledgling Freddie
Joined
Dec 27, 2003
Messages
537
it says it's failing in passive mode ( STATUS:> PASV failed, trying PORT. )

i'm no FTP pro, but as far as i know, passive mode is what allows you to use FTP from behind firewalls
 
anattic

anattic

Fledgling Freddie
Joined
Dec 22, 2003
Messages
182
It looks like there's no passive support at the server-end. In FTP, there are two connections - control and data.

The control connection on tcp/21 is started by the client on a listening port on the server (and is the one created when you hit the connect button).

The data connection (on a tcp port >1023) only comes into existence when you try to get/put a file or list the directory contents.

In traditional 'active' FTP, this connection is established by the server back to a listening port on the client. Passive mode FTP was added later and switches that around - the client creates a connection to the server.

The advantage of passive (PASV) mode is that all the holes in the firewall are at the server-end. Most browsers only now support passive FTP. Unfortunately, not all servers support it. Looks like this site doesn't...

To make it work in active mode, you'll need to open the firewall up to allow inbound connections to the data port (maybe the firewall is smart enough to do this on the fly, or maybe your ftp client will allow you to fix it to a specific port?).

More on active-vs.-passive here: http://slacksite.com/other/ftp.html
 
Maljonic

Maljonic

Can't get enough of FH
Joined
Dec 22, 2003
Messages
1,297
Thanks, that sounds right - fits in with what we've noticed when we tried to connect to the server. The server belongs a to a guy who keeps it in his office, it's not a hosting company, so it sounds very likely that he doesn't have it set up right for this. I'll let him know so he can sort it out. :)
 
You must log in or register to reply here.

Users who are viewing this thread

Total: 2 (members: 0, guests: 2)

Similar threads

Jupitus
Security Good generic VPN client for MacOS?
Replies
15
Views
643
Ormorof
Ormorof
Gwadien
Monitor Issues
Replies
6
Views
825
Moriath
Moriath
fettoken
Torrent-client
Replies
7
Views
675
Scouse
Scouse
Shagrat
Virgin cable issue
Replies
8
Views
505
Moriath
Moriath
DaGaffer
Kodi issue
Replies
6
Views
735
caLLous
C
Top Bottom