Can't Connect to FTP server 1

[Vec]

I have tried several ftp servers including Serv-U and even some freeware stuff, but I can't connect to my FTP server running on my WinXP box!
I have already disabled the firewall. I am not using a router. I do have interet connection sharing enabled on this computer and share the connection with two other machines on an XP home network. I can connect to the ftp server from a machine on my network using my external IP (not the network one) just fine but when I go to my office across the city and attempt it, it never works, I never get the login prompt from the server. It times out while waiting for a response.
What the heck??? I even went as far as to disable inetrnet sharing, reformat the machine, re-instal WinXP PRo fresh, install the ftp server and disable the firewall and it still won't work????
What is Bill thinking here?
Anyone got a solution?

-------------------------------------------------------------------------
-------------------------------------------------------------------------

"Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Univer

 

[CluelessJon]

Hello Vec...

It sounds to me like the firewall in the OFFICE is not letting you connect to the XP BOX.

did you leave the default port of your ftp to 21 ?

Or have you tried to connect to your XPBOX from the Office using PASSIVE mode ?

Regards

Jonno BrainDump Specialist
MCSE(NT) MCSA(2k) CCNA

 

[Vec]

Default port is at 21, I also tried using other ports. The office does have a hardware firewall but I can't exactly remove it, what is the passive mode? And what will it do? Can I somehow open port 21 on the hardware firewall? Is this possible? We do have a network admin so do I ask him?

-------------------------------------------------------------------------
-------------------------------------------------------------------------

"Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Univer

 

[CluelessJon]

Hey Vec.

If you use a program like BulletProof FTP

http://www.bpftp.com

that will allow you to connect in passive mode ( just select it in the options ). It could be worth testing with that before you speak to your network admin.

Failing that you DO need to speak to your ADMINS and ask them if port 21 FTP PORT is open.



Regards

Jonno BrainDump Specialist
MCSE(NT) MCSA(2k) CCNA

 

[Vec]

OK, will try your suggestions tomorrow, thanks for the help.

-------------------------------------------------------------------------
-------------------------------------------------------------------------

"Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Univer

 

[Vec]

Actually, you know what? I just realized that it can't be a closed port on the hardware firewall at my office because I can connect to other FTP servers just fine at another location, just not to mine at home on my stupid XP box, I have looked online in some other forums and it looks as though a lot of other users have the same prob with XP, but I can't find a solution, anyone out there know of a fix? This is rather important as I need to do backups to my home machine from my office.

-------------------------------------------------------------------------
-------------------------------------------------------------------------

"Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Univer

 

[CluelessJon]

Can you ping the IP address of your FTP server ?

Regards

Jonno BrainDump Specialist
MCSE(NT) MCSA(2k) CCNA

 

[bcastner]

Adapted from Broadbandreports.com, Bill from MI:


FTP uses 2 TCP connections (or channels), 1 for control and one for data.
The standard control connection is TCP port 21.
The default data connection (and extremely rare to see - you can almost forget it exists) is port 20.

When an FTP connection is made but listing a directory or sending data fails it is almost ALWAYS the data connection at fault! This is by far the most common problem encountered in FTP connections.

FTP has 2 modes, PORT (also called "regular" or "normal" mode) and PASV ("passive" mode for clients behind firewalls).

The client determines the mode that will be used (or attempted as the case may be)...
If the client issues a PORT command, it is attempting "PORT" mode.
If the client issues a PASV command, it is attempting "PASV" mode.
If the client does not issue either command, PORT mode is assumed using port 20 for data (again, very rare these days).

In PORT mode, the client (yes the CLIENT!) is the server end of the data channel.
In PASV mode, the server is the server end of the data channel.

The difference between PORT and PASV modes is which end plays "server" for the data channel!

If you are going to use FTP regularly, get to know how to read logs and what the PORT and PASV commands do!
Here's some help...

Client> PORT 12,34,56,78,65,43
Server> 200 PORT command successful.
In this example of PORT mode the client has said it will be listening on IP address 12.34.56.78 on TCP port 16683 for the data channel.
(Note: the port is the 65,43 pair and is: 65x256 + 43 = 16683).
The client is the server for the data channel so if behind an NAT, port 16683 better be forwarded!

Client> PASV
Server> 227 Entering Passive Mode (123,45,67,89,158,26)
In this example of PASV mode the server has said it will be listening on IP address 123.45.67.89 on TCP port 40474 for the data channel.
(Note: the port is the 158,26 pair and is: 158x256 + 26 = 40474).
The server needs this data channel to be forwarded along with the control channel!

Some servers and clients know how to handle FTP modes behind an NAT "firewall."

Notice PORT and PASV commands involve an IP address and a port for the data channel.

One problem is the client or server in on a LAN but needs the WAN address to be sent.

The other problem is the client or server needs to have the data channel port forwarded - if it is the server end of the data channel.

Servers that can do PASV mode behind an NAT firewall:
wu-ftpd
BPFTPServer
Serv-U

Clients that can do PORT mode behind an NAT firewall:
FlashFXP
BPFTP

As you have tried both PORT and PASV clients from your description, It would be helpful to know the client you are using from your remote site. Some possibilities:

1. You have failed to forward both the control port and data port for your client;

2. The default for IE and XP FTP is passive mode. You may be using a PASV client for a PORT server or vice-versa;

3. A combination of problems with #1 and #2

 

[nbateman]

My variation on your problem:

Two machines inside a firewall - one linux, one XP home.

Linux works fine, XP home does not.

Ftp clients on XP machine (DOS ftp, and Terapin) can both connect, but both give errors on most commands.

ftp reports the following on DIR command:
500 Illegal PORT command.
425 Can't build data connection: Connection refused

put command gives error:
503 No PORT command issued first.


Problem solved by using bpftp which automatically selected PASSIVE mode.

Thanks to cluelessJon and particularly bcaster for the excellent post above which pointed me in the right direction.