Re: FTP on IIS6.0 Not Working
From: Bernard (qbernard_at_hotmail.com.discuss)
Date: 03/04/04
- Previous message: Bernard: "Re: re-installing IIS FTP"
- In reply to: Jenna: "Re: FTP on IIS6.0 Not Working"
- Next in thread: Jenna: "Re: FTP on IIS6.0 Not Working"
- Reply: Jenna: "Re: FTP on IIS6.0 Not Working"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 4 Mar 2004 11:00:42 +0800
Mm.. it doesn't looks like to me KB294679 is configured.
As you should be able to connect with ftp.exe without any problems.
I would suggest you try these articles again -
http://www.isaserver.org/tutorials/Publishing_an_FTP_Server_on_ISA_Server.html
http://www.isaserver.org/tutorials/Publishing_FTP_server_on_ISA.html
and other ftp resources -
http://www.isaserver.org/pages/search.asp?query=FTP
-- Regards, Bernard Cheah http://support.microsoft.com/ Please respond to newsgroups only ... "Jenna" <stilesj AT meachamapel DOT com> wrote in message news:#CXFn8UAEHA.3048@tk2msftngp13.phx.gbl... > Here's what I get while using ftp.exe on the LAN: > > C:\>ftp 10.0.0.4 ; internal nic ip > Connected to 10.0.0.4. > 220 Microsoft FTP Service > User (10.0.0.4:(none)): username > 331 Password required for username. > Password: > 230 User username logged in. > ftp> dir > 200 PORT command successful. > 150 Opening ASCII mode data connection for /bin/ls. > 07-01-02 01:36PM 0 brent was here to test. > 226 Transfer complete. > ftp: 67 bytes received in 0.01Seconds 4.47Kbytes/sec. > ftp> quit > 221 > > C:\>ftp 10.0.1.2 ;external nic ip > Connected to 10.0.1.2. > 220 Microsoft FTP Service > User (10.0.1.2:(none)): username > 331 Password required for username. > Password: > 230 User username logged in. > ftp> dir > 500 Invalid PORT Command. > 150 Opening ASCII mode data connection for /bin/ls. > > ;;then it just sits there and eventually times out. > > The same thing happened remotely using ftp.exe as happened with ftp.exe to > the external nic ip from the LAN (Invalid PORT command, then timed out). > I'm happy to try it one more time remotely, but I don't anticipate that it > has changed. > Any other ideas? I greatly appreciate your time and assistance...I am > completely stumped. > Should port 20 show up in netstat at all? I was thinking probably not, but > just thought I'd check. > > > "Bernard" <qbernard@hotmail.com.discuss> wrote in message > news:uJrs3rOAEHA.3184@TK2MSFTNGP09.phx.gbl... > > what tool do you use to login ? > > have you try ftp.exe command line util to login from remote machine ? > > > > if you are sure 21/20 ports is open, you should be able to use ftp.exe > > to login and do dir list. > > > > -- > > Regards, > > Bernard Cheah > > http://support.microsoft.com/ > > Please respond to newsgroups only ... > > > > > > "Jenna" <stilesj AT meachamapel DOT com> wrote in message > > news:Oh6t8GJAEHA.220@TK2MSFTNGP09.phx.gbl... > > > Thank you for your response, Bernard. > > > I have ISA configured exactly as in MS KB 294679, which opens 21 and 20 > > for > > > FTP. This was already set up before the upgrade to IIS 6.0 and was > > working > > > before, as well. > > > > > > I could try the passiveportrange thing and configure it on ISA, however > we > > > have a Cisco Router, as well. It is configured to allow traffic on 20 > and > > > 21, but I wouldn't guarantee the higher ports for that. > > > > > > This was all working fine before our upgrade to Windows 2003 and IIS > 6.0, > > > which is why my concern that there's potentially another setting in IIS > > that > > > changed to mess this up. I'm also thinking this because it does appear > to > > > authenticate me okay with my user name and password, and the log > indicates > > > this, as well. It just won't let me see or do anything and appears to > > just > > > close the connection with a time out, based on the log. > > > > > > Actually, here's the most recent log of my attempts, if it helps from > the > > > MSFTPSVC1 folder in my LogFiles directory: > > > #Software: Microsoft Internet Information Services 6.0 > > > #Version: 1.0 > > > #Date: 2004-03-02 17:27:48 > > > #Fields: time c-ip cs-username s-ip s-port cs-method cs-uri-stem > sc-status > > > sc-win32-status cs(User-Agent) > > > 17:28:19 127.0.0.1 username 10.0.0.4 21 [10]USER username 331 0 - > > > 17:28:19 127.0.0.1 username 10.0.0.4 21 [10]PASS - 230 0 - > > > 17:28:19 127.0.0.1 username 10.0.0.4 21 [11]USER username 331 0 - > > > 17:28:19 127.0.0.1 username 10.0.0.4 21 [11]PASS - 230 0 - > > > 17:28:19 127.0.0.1 username 10.0.0.4 21 [11]CWD /library 250 0 - > > > 17:28:50 127.0.0.1 username 10.0.0.4 21 [11]CWD /library 250 0 - > > > 17:28:55 127.0.0.1 username 10.0.0.4 21 [12]USER username 331 0 - > > > 17:28:55 127.0.0.1 username 10.0.0.4 21 [12]PASS - 230 0 - > > > 17:28:55 127.0.0.1 username 10.0.0.4 21 [12]CWD /library 250 0 - > > > 17:29:11 127.0.0.1 username 10.0.0.4 21 [11]CWD /library 250 0 - > > > 17:30:28 127.0.0.1 username 10.0.0.4 21 [10]closed - 421 121 - > > > 17:31:28 127.0.0.1 username 10.0.0.4 21 [11]closed - 421 121 - > > > > > > So, if I'm reading this correctly, it authenticates me okay and even > > appears > > > to open the folder okay and you can see the internal ip, so it must be > > > resolving okay. Am I reading something wrong? What am I missing? > > > Thanks so much for your help! > > > > > > > > > "Bernard" <qbernard@hotmail.com.discuss> wrote in message > > > news:%23rfsvaAAEHA.2632@TK2MSFTNGP12.phx.gbl... > > > > Great. looks like is ISA ports blocking issue, now - > > > > > > > > do you configure FTP running other than default port 21 ? > > > > FTP Error: 500 Invalid PORT Command > > > > http://support.microsoft.com/?id=281193 > > > > > > > > active mode uses 21 and 20, passive mode by default use > > > > dynamic port range from 1024 to 5000. > > > > > > > > check if your ISA allow connection for port 21/20. this should > > > > solve active mode connection. > > > > > > > > For passive mode, you configure passiveportrange in IIS 6.0. > > > > then open the port range in ISA.. > > > > How To Configure PassivePortRange In IIS > > > > http://support.microsoft.com/?id=555022 > > > > > > > > > > > > -- > > > > Regards, > > > > Bernard Cheah > > > > http://support.microsoft.com/ > > > > Please respond to newsgroups only ... > > > > > > > > > > > > "Bernard" <qbernard@hotmail.com.discuss> wrote in message > > > > news:#bF1#K0$DHA.1548@TK2MSFTNGP12.phx.gbl... > > > > > Wow.. you have many problems. > > > > > Can we start one by one ? > > > > > > > > > > a) first, test everything locally first. > > > > > can you login locally using ftp.exe -> ftp localhost ? or ftp yourip > ? > > > > > > > > > > b) so you have ISA running in the same box with IIS 6 ? > > > > > > > > > > c) from remote machine, can you login via ftp.exe to your IIS > server? > > > > > try login and dir listing. > > > > > any problem ? > > > > > > > > > > d) if you use IE to connect, any problems ? > > > > > > > > > > > > > > > -- > > > > > Regards, > > > > > Bernard Cheah > > > > > http://support.microsoft.com/ > > > > > Please respond to newsgroups only ... > > > > > > > > > > > > > > > "Jenna" <stilesj AT meachamapel DOT com> wrote in message > > > > > news:OLQ8YOW$DHA.4080@TK2MSFTNGP09.phx.gbl... > > > > > > Okay, bear with me on this...I feel like I've tried everything and > > > can't > > > > > get > > > > > > this to work! > > > > > > > > > > > > I had virtual directories set up for an FTP site on our server and > > > they > > > > > were > > > > > > working fine. They we upgraded the server from Windows 2000 > Server > > to > > > > > > Windows Server 2003 (also Exchange 2000 to Exchange 2003) and from > > > > IIS5.0 > > > > > to > > > > > > IIS6.0. > > > > > > I guess IIS had a little trouble updating at the time and when it > > got > > > > > > updated my FTP virtual directories got wiped out. No problem, I > > said, > > > > > I'll > > > > > > just recreate them. > > > > > > Well, I have recreated them and they are inaccessible from remote > > > > > computers > > > > > > over the internet (I can get on from a computer on the LAN). > > > > > > What happens is when I type in the address, it asks for my > password > > > > > normally > > > > > > and even accepts my user name and password, but then breaks down > > with > > > > this > > > > > > message: > > > > > > 200 Type set to A > > > > > > 500 Invalid PORT command > > > > > > 500 LPRT 6,16,0,0,0,0,0,0,0,0,67,0,0,0,0,0,133,96,2,13,29 > > > > > > > > > > > > I was originally referred to KB281193. I'm not sure how this > > article > > > > > > provides a solution, though, and the LPRT response I get is > clearly > > > not > > > > > like > > > > > > the 6 number example shown. > > > > > > The attempt above was without Passive Mode checked in IE. With > > > Passive > > > > > Mode > > > > > > checked, it just times out after entering the user name and > > password. > > > > > > I am running ISA Server 2000, but this was set up before the > upgrade > > > to > > > > > > IIS6.0 and I believe all the settings are fine here to allow > access. > > > I > > > > > have > > > > > > gone through articles 310110 and 294679 just to be sure. When I > > > > followed > > > > > > the "Publish the FTP Site" instructions in 310110, I got an event > > log > > > > > error: > > > > > > Web Proxy Service failed to bind its socket to 10.0.1.2 port 80. > > > Could > > > > be > > > > > > another service using same port or a NIC that's not functional. > > > > > > (The NIC is fine and the service continues to run after this > > message.) > > > > > > > > > > > > When following article 294679, it mentions changing the > > > EnablePortAttack > > > > > > value to 1. However, I cannot find this variable (or, I believe > the > > > IIS > > > > > > help file mentioned another name for it in 6.0) in the registry > > > > anywhere. > > > > > > Is this something that I'm supposed to create, or does the fact > that > > > its > > > > > > missing mean that IIS6.0 is not properly installed? > > > > > > > > > > > > I also read some information about setting the PassivePortRange > > > > > (KB555022), > > > > > > but am not sure how this would help. > > > > > > > > > > > > Another note that may or may not be helpful: I'm setting up the > > > virtual > > > > > > directories on FTP as a path to another server. I have it set up > to > > > use > > > > > the > > > > > > user's authentication so that it uses their permissions when > > accessing > > > > the > > > > > > folder. This does cause an error in the event log upon creation > and > > > > > > reboots: > > > > > > Unable to add virtual root '/foldername' for the directory > > > > > > '\\server\foldername' due to the following error: Access is > denied. > > > > > > Despite this I can still access this from a computer on the LAN. > If > > I > > > > > > assign to use a specific user's permissions, I don't get that > error, > > > but > > > > > > there's too much access then, and I still can't access remotely. > > > > > > > > > > > > Finally, I've been considering doing a VPN using PPTP for a more > > > secure > > > > > > option instead...is this relatively easy and should I just try > that > > > and > > > > > give > > > > > > up on FTP? > > > > > > Thanks, anyone, for some help or advice...this is driving me > crazy! > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >
- Previous message: Bernard: "Re: re-installing IIS FTP"
- In reply to: Jenna: "Re: FTP on IIS6.0 Not Working"
- Next in thread: Jenna: "Re: FTP on IIS6.0 Not Working"
- Reply: Jenna: "Re: FTP on IIS6.0 Not Working"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
|
