Re: Active FTP

Tech-Archive recommends: Speed Up your PC by fixing your registry

From: Nick Domukhovsky <ndomukhovsky@xxxxx>
Date: Wed, 07 Mar 2007 12:35:25 +0500

Thanks for the reply.

I have allowed all outbound traffic. I have enabled the FTP filter. I can
authenticate onto the public FTP server, but I cannot establish a data
connection (cannot even list files).

Do I need a rule to open port 20?

I've made testing network on virtual machines:

Host ISA ws-linux
10.100.18.57 ------ 10.100.18.156 192.168.0.1 ----- 192.168.0.2
internal external

Network relationship between internal and external is NAT.
Firewall policy contains only one rule - Allow all outbound traffic from
internal to external for all users.

On my host computer I establish FTP session with ws-linux (it uses
proFTPd). Here log of my session:

C:\>ftp 192.168.0.2
Connected to 192.168.0.2.
220 ProFTPD 1.3.0 Server (Debian) [::ffff:192.168.0.2]
User (192.168.0.2:(none)): anonymous
331 Anonymous login ok, send your complete email address as your password.
Password:
230-Welcome, archive user anonymous@::ffff:192.168.0.1 !
230-
230-The local time is: Thu Mar 1 06:56:18 2007
230-
230-This is an experimental FTP server. If have any unusual problems,
230-please report them via e-mail to <root@xxxxxxxxxxxxxxxxxxxx>.
230-
230 Anonymous access granted, restrictions apply.
ftp> ls
200 PORT command successful
150 Opening ASCII mode data connection for file list
welcome.msg
226 Transfer complete.
ftp: 13 bytes received in 0,00Seconds 13000,00Kbytes/sec.
ftp>

As you can see (after ls command) ftp used active mode and all was
successful. So your problem somewhere else. Try to monitor FTP server's
answers, maybe some other rules block them.

--
With best regards
Nickolay Domukhovsky, MCSA
.

References:
- Active FTP
  - From: Peter Downes
- Re: Active FTP
  - From: Nick Domukhovsky
- Re: Active FTP
  - From: Peter Downes

Prev by Date: Re: Active FTP
Next by Date: Re: ISA 2004 and VPN 619 error
Previous by thread: Re: Active FTP
Next by thread: Re: Active FTP
Index(es):
- Date
- Thread

Relevant Pages

Re: Microsoft FTP Server problem on W2K?
... It is a UNISYS ClearPath mainframe system that is trying to FTP using ... passive mode to a MS FTP server. ... Currently the mainframe FTPs in ACTIVE mode. ... Since the mainframe pushes files to our customers over a WAN connection, ...
(microsoft.public.inetserver.iis.security)
Re: how do i close an app that has no forms?
... FTP connections through Internet Explorer send info ... If you don't have a firewall ... > a connection is instantiated with a server. ... > a request is sent to the FTP server, ...
(microsoft.public.vb.general.discussion)
Re: .NET CF Socket are behaving very strangely
... I analysed the FTP log and I notice that PASV ... limited range of ports forwarded to the ftp server that is different ... error "No connection could be made because the target machine actively ...
(microsoft.public.pocketpc.developer)
Re: help with allowing ftp access.
... The "connection refused" error occured because you had no ftp server running. ... Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org ...
(comp.os.linux.setup)
RE: Telnet/ftp problems SBS2000
... Please make sure your client computers are configured as both Firewall ... will find two options "Enable folder view for FTP sites" and "Use Passive ... that the control connection has been successfully established, ... (other than port 21) ...
(microsoft.public.windows.server.sbs)