×
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!
  • Students Click Here

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

FTP Issues with customers, looking for some insight

FTP Issues with customers, looking for some insight

FTP Issues with customers, looking for some insight

(OP)
Hello all,
I have a ton of questions and will try and pile all of them in this one post but feel free to answer any of them that you may know the answer to. They will all be related to FTP in one way or another as I have reached the end of things I can think of to try. Thanks to all who take the time to read and post.....

So I have created a Windows Server 2016 VM with FTP server enabled on it. It is hiding behind our business firewall with the firewall only allowing ports 20,21 and 23000-30000 as passive ports. Only US IPs are allowed to it and any outside the US IPs are hard coded to bypass in with those ports. Everything else is blocked. I have the IP and passive ports set in IIS. Have all of the users and folders set up as needed. It seems to work fine for all of the people that are accessing it. It has XML/CSV files of our product catalog, an images folder for our clients to import into their website, and one folder for them to add files. Everyone is accessing it either via a browser, Filezilla, or PHP calls. We started having an issue with two clients stating that they could upload files most of the time but it would randomly not be able to do so without any error codes. I tried watching the traffic with wireshark and all I see is that the connection just stops talking, no END packet, no more ACK packets, nothing. It just stops conversing. Since the business FW is in between it and the internet I tried disabling the Windows FW to see if it was causing any issues and the issue persisted. Tried checking the connection settings and increased timeouts but no dice.

So I decided to see if our business FW was causing the issue intermittently and made an exact copy of this VM and put it on the Internet side of our FW, restricted FTP to connect only from one IP that was having issues, and only enabled the same ports through the Windows FW but it has the exact same issue. I made an Ubuntu VSFTPD server from scratch and put it on the outside of our business FW but it had the exact same issue. The only thing I can think of is that they have a firewall between our servers and where ever they are calling the FTP request from and it is messing with things. If you have any ideas as to what could be causing it, please comment.

That led me down two different question paths as I don't know what else to try FTP-wise. One being is the server "safe" outside in the internet with only those ports open and isolated to FTP traffic only coming in from one IP? Since all you can do over port 20,21 is FTP and IIS wont allow any other IP address to connect I feel that is locked down. Even if they spoof that particular IP they need creds to get in. My main question is having ports 23000-30000 open. I don't have any other program installed on there that uses those ports other than being the passive ports for FTP. So I'm assuming this means they are "safe" as there really isn't anything to talk to on those ports on the server.

The second question I had was what other alternatives to FTP should I be looking into? What is being used out in the real world? This isn't super sensitive data on the FTP server but obviously would rather it not fall into the "wrong" hands. Saw there was something called AS2 but that sounds like a nightmare to get other super small companies to deal with as there is setup on their end too. Feel free to offer other suggestions.

Thanks all!

Learning - A never ending quest for knowledge usually attained by being thrown in a situation and told to fix it NOW.

RE: FTP Issues with customers, looking for some insight

Depends on what you're trying to accomplish. For simple file sharing, we migrated a lot of users to Box. Something like that may not be an option for you... we still have some FTP users, as some applications still need simple FTP.

LoPath
Maintain HiPath 4000 V5 & V6, OpenScape Xpert V4 & V6, OpenScape Xpressions V7, OpenScape Contact Center V8, OpenScape Voice V9

RE: FTP Issues with customers, looking for some insight

(OP)
As we currently sit it is a repository for a bunch of xml and csv files that customers need to access to get our pricing/item info. A lot do it via php scripting and some do it manually via browser/ftp client. Also, some clients drop in PDF files into specific folders also usual via script. Not sure if this all can be done with a box account, especially those utilizing php scripts.

Thoughts?

Learning - A never ending quest for knowledge usually attained by being thrown in a situation and told to fix it NOW.

RE: FTP Issues with customers, looking for some insight

I'm not up to speed on what all Box can do, but I think it may be worth inquiring. Their web site makes it sound possible?

"Box Platform enables you to use Box as the content management platform for your entire business, helping content flow seamlessly across every part of your organization. With our easy-to-use APIs, you can integrate Box with other apps and systems, run scripts to manage content, users or settings in Box programmatically, and interact with content in Box as part of your custom workflows and processes."

LoPath
Maintain HiPath 4000 V5 & V6, OpenScape Xpert V4 & V6, OpenScape Xpressions V7, OpenScape Contact Center V8, OpenScape Voice V9

RE: FTP Issues with customers, looking for some insight

(OP)
I will look into them. Thanks for the info.

Learning - A never ending quest for knowledge usually attained by being thrown in a situation and told to fix it NOW.

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close