ftp question...

Discussion in 'Windows Desktop Systems' started by gballard, Dec 22, 2003.

  1. gballard

    gballard Moderator

    Messages:
    549
    I set up an ftp server on one of my machines yesterday and was able to ftp to it from my machine connecting to its dynamic dns name as well as from my shell account. I tried from work today and get this...

    Status: Connecting to bleh.servepics.com...
    Status: Connected with bleh.servepics.com. Waiting for welcome message...
    Response: 220 Welcome to my ftp server....play nice or you will get kicked...:p
    Command: USER bleh
    Response: 331 Password required for bleh
    Command: PASS *******
    Response: 230 Logged on
    Status: Connected
    Status: Retrieving directory listing...
    Command: PWD
    Response: 257 "/" is current directory.
    Command: PORT x,x,x,x,x,xxx
    Response: 200 Port command successful
    Command: TYPE A
    Response: 200 Type set to A
    Command: LIST
    Response: 150 Opening data channel for directory list.
    Response: 425 Can't open data connection.
    Error: Could not retrieve directory listing

    After getting this...I logged into my shell account and was able to get right into it and navigate around and so forth. I tried different modes on my ftp client here but still no go...any ideas?
    Some names and IP addresses were changed for security sake.
     
  2. LeeJend

    LeeJend Moderator

    Messages:
    5,291
    Location:
    Fort Worth, TX
    Guessing here but when we (gaming clan) have this problem it is usually with access priveleges for the hard disk. When you log in from work you are on a different domain/work group/etc.

    You would have to set the shared folder permissions to all and depend on the ftp to provide security.
     
  3. Enyo

    Enyo Moderator

    Messages:
    1,338
    Enable Passive Mode on your client and retry.
     
  4. gballard

    gballard Moderator

    Messages:
    549
    I am fairly sure its not a priveleges problem....since I am not using the FTP service in IIS. I am using FileZilla Server. I am fairly sure that would be an issue using the FTP service in IIS since it relies on username and group membership as it relates to the local computer or domain.
     
  5. gballard

    gballard Moderator

    Messages:
    549
    i did enable passive mode on the client...I tried every mode there was and still got the same thing...just puzzles me why it works fine using a unix command line ftp client.
     
  6. LeeJend

    LeeJend Moderator

    Messages:
    5,291
    Location:
    Fort Worth, TX
    You have to have the file access privileges set ON on the Hard Disk.

    Xp only allows access to files by the person who owns the account that created them (and someone logged in with admin priveleges).

    You are not logging into XP when using the FTP you are bypassing it so the files have to be opened up. Right click the folder - properties - sharing - check share this folder on the network.
     
  7. gballard

    gballard Moderator

    Messages:
    549
    I have to disagree with you on that....I can ftp into my server from my unix shell account and I can get in with no problems...so its not a file access problem...I have done some reading and I think I to forward port 20 as well.
     
  8. Zedric

    Zedric NTFS Guru Folding Team

    Messages:
    4,006
    Location:
    Sweden
    No, port 20 isn't needed. This is what you need:

    - Forward 21 (you did this apparently)
    - Forward a passive range (say 20100-20199)
    - Set the FTP server to use this range for passive (PASV) and to listen to you external IP (not 192.168.*.*).

    That should be it. Just make sure to use passive mode in the client! :)
     
  9. gballard

    gballard Moderator

    Messages:
    549
    Well I forwarded port 20 just to see and it still isn't working correctly. I did forward a passive range...I used 10000 thru 10020...to the IP address of the box on my LAN running the ftp server. I did set the ftp server to use this range for PASV and I put my external IP address in there. I also used passive mode on the client and still no go. But like I said...I can ssh to my unix shell account and then ftp to my server and get in and actually get the directory listing and navigate with no problem...this is what is so confusing to me...why does it work with a unix ftp client and not a windows ftp client?
     
  10. Zedric

    Zedric NTFS Guru Folding Team

    Messages:
    4,006
    Location:
    Sweden
    Good question. The shell server is outside the LAN right?

    My suggestion should have worked, I use it here. However, you won't be able to connect to the server from inside the network unless you connect to the external IP.
     
  11. gballard

    gballard Moderator

    Messages:
    549
    Yeah the shell server is outside my LAN. When I am at home...I can ftp to my external IP address and get in fine. But here at work...I am not able to do so. It is certainly frustrating.
     
  12. Xie

    Xie - geek - Subscribed User Folding Team

    Messages:
    5,275
    Location:
    NY, USA
    I think your reason might be your firewall at work. I did a quick search for your error code and it comfirmed it :)

     
  13. gballard

    gballard Moderator

    Messages:
    549
    hmmm...never thought of that...will get a friend of mine to try from his house and see what happens...will advise the results.
     
  14. gballard

    gballard Moderator

    Messages:
    549
    my router is a D-Link 614+ and I decided to look on their website for this problem and this is what they had in their knowledge base:

    FTP Server
    If you are hosting a FTP server behind your router, you will need to open port 20 and 21 on the router to allow traffic from the Internet in.

    Step 1 Enter 192.168.0.1 in your browser and press enter. Enter username (admin) and password (blank by default).

    Step 2 Click on Advanced and click on Virtual Server.

    Step 3 Under the Virtual Servers List, the 1st entry should be:

    Virtual Server FTP 0.0.0.0 TCP 21/21 always

    Step 4 Click on the Edit button on the right side. The line will turn yellow and the information should fill in at the top.

    Step 5 Click Enabled. Next to Private IP, enter the IP address of your computer that your are running the FTP server from (IE 192.168.0.100). Enter any scheduling options (Always).

    Step 6 Click Apply and then Continue.

    Users from the Internet will need to enter the WAN IP address of the router to get to your FTP server, not the private IP address.

    Note: If you are on your LAN and enter the WAN IP address to test your FTP server, it may not work. It is best to have a friend or family member try to connect using the WAN IP address.

    If for some reason users can connect but cannot view directories, you may need to open port 20 also. Just create a new entry and enter port 20 (TCP).


    --------------------------------------------------------------------------------
     
  15. Xie

    Xie - geek - Subscribed User Folding Team

    Messages:
    5,275
    Location:
    NY, USA
    So did that work?
     
  16. gballard

    gballard Moderator

    Messages:
    549
    well that is what i did originally...so..I would say their documentation is wrong
     
  17. Xie

    Xie - geek - Subscribed User Folding Team

    Messages:
    5,275
    Location:
    NY, USA
    well it could be that your firewall at work is blocking traffic? And there docs look fine ... they don't take into account that you might be accessing this FTP server that is behind there router from an outside location behind yet another possible firewall setup.
     
  18. gballard

    gballard Moderator

    Messages:
    549
    their docs say to forward port 20 when I told by a few folks that was not needed...oh well...will work on it when i get home...
     
  19. Zedric

    Zedric NTFS Guru Folding Team

    Messages:
    4,006
    Location:
    Sweden
    Well it's not. It's what the old FTP protocol used instead of the passive range, before PASV and PORT was introduced. But that not used anymore afaik (I don't, and it works). I thought maybe some firewall at your work was blocking, but since you're running passive that shouldn't be a problem (in the example you gave, you didn't run passive though).

    Do you have a software firewall on the FTP server by any chance?
     
  20. gballard

    gballard Moderator

    Messages:
    549
    yes there is a firewall on the machine with the ftp server...Sygate Personal Firewall...but I can still access the ftp server from my shell which is outside the LAN...so it has to be something about the firewall at work I am guessing....anyone willing to try and log in...lemme know..i have a test account set up...