Re: FTP Login Issues
- From: "Tom Bombadill" <Genius_poster@xxxxxxxxx>
- Date: Wed, 24 May 2006 11:20:36 -0700
Hi Robin,
Thanks much for you're reply.
What firewall are you referring to?
It's the firewall device that separates our network from the Internet, as
opposed to SW firewall on each machine. It's a Watchguard Firebox Edge 15.
It's very decent.
FTP is not that easy, because of the separate >>connection for data
transfers. Exactly what have you >>specified in the firewall?
I have only 'Allowed' the FTP rule for incoming traffic. And I have
specified the IP address of the FTP Server for this rule. Nothing else. I
believe that's pretty standard port forwarding procedure. I have done a
similar thing before for VPN connections to an internal server, and it
worked fine.
What allowance in the firewall have you made for >>passive-mode data
connections?
None! Did not know any was required! Did not see any settings for
Passive-mode data connections and I'm not familiar with that concept.
What configuration in the server have you made for >>passive-mode data
connection port ranges?
Same as above!
Is the firewall also doing NAT? Is the actual internal >>IP address of
the FTP server the same as the one you >>use from the external internaet?
Yes, the firewall does function as a NAT. So there's a range of private IP
addresses used inside our network, and 1 public IP address used by the
external interface of the Firewall/Router. The FTP server of course has a
static private IP address. So when I want to access the FTP server from the
Internet, I use the external IP address, and expect it to be forwarded to
the FTP server specified on the Firewall.
Which port number is the FTP server listening on for >>control
connections?
I tried specifying a port number after the IP address (:21). But when I
submitted the change it automatically reverted back to the IP only. Please
keep in mind that this is an existing rule. I only 'Allowed' it and
specified the IP address. So I think it should be hitting the right port
number.
You appear to be using some third-party FTP client >>(which one?), which
is concealing from you the actual >>FTP protocol exchanges. Please use a
line-mode >>client or one which displays the FTP protocol >>exchanges, and
post the actual FTP exchanges and >>error messages here.
I'm using IE 6.0 as my client. What I do is I insert the external IP address
of the firewall in the IE address bar as follows: eg ftp://157.16.218.12. I
don't get any additional error messages beside the ones I have posted. If by
line mode you mean using the FTP command from the command prompt, I enter
the exact same line as above. At first, I get code 220 showing it has
connected to the firewall. It then asks for my Username/Password. When
entered, it displays code 530 Access denied.
Can you be sure that you are actually connecting from >>the outside world
to the correct internal FTP server >>rather than some other one?
Considering the above, how do I verify that? I'm pretty sure that the IP
address specified on the firewall is correct. I'm also pretty sure the FTP
service works properly when connected from the inside.
Thanks again for your help,
.
- Follow-Ups:
- Re: FTP Login Issues
- From: Bernard Cheah [MVP]
- Re: FTP Login Issues
- From: Robin Walker [MVP]
- Re: FTP Login Issues
- References:
- FTP Login Issues
- From: Tom Bombadill
- Re: FTP Login Issues
- From: Robin Walker [MVP]
- FTP Login Issues
- Prev by Date: terminating dialog based app which runs in infinate loop
- Next by Date: Re: IE accessing ftp file link not working
- Previous by thread: Re: FTP Login Issues
- Next by thread: Re: FTP Login Issues
- Index(es):
Relevant Pages
|
