#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2010
    Posts
    2
    Rep Power
    0

    FTP and Winxp firewall problems


    Hi all,
    I'm a beginner to ftp. I set up an ftp server following instructions on my old Winxp SP2 machine to enable family to have access to wedding and vacation photos (there are a lot of them!).
    Everything worked great until recently where they said that they couldn't get access. They are usually using Firefox and just type in the ftp address.They now get a "425 Can't open data connection" error.
    The machine has Windows firewall running. If I turn off the firewall then everybody can access the site.
    I downloaded FileZilla ftp client and tried connecting using that but got the same error when it tried to get a listing.
    It is set up to use a Passive connection. If I uncheck that and check Active instead I can connect even with the firewall on.

    In Winxps firewall under Exceptions I see two entries for FTP Server and FTP Data with port numbers 21 and 20 and ftp checked.
    Can anyone help?

    Jeff
  2. #2
  3. No Profile Picture
    Grumpier old Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Jun 2003
    Posts
    14,453
    Rep Power
    4539
    PASV ftp may have additional firewall settings necessary. Also review your FTP server settings, when I run a linux ftp server behind a router I have to make an edit in the ftp configuration file or else PASV mode provides the wrong IP to the ftp client.
    ======
    Doug G
    ======
    Bartender to Rene Descartes "have another beer?" Descartes: "I think not" and he vanished.
    --Alfred Bester
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2010
    Posts
    2
    Rep Power
    0
    Originally Posted by Doug G
    PASV ftp may have additional firewall settings necessary. Also review your FTP server settings, when I run a linux ftp server behind a router I have to make an edit in the ftp configuration file or else PASV mode provides the wrong IP to the ftp client.
    It seems to have the right ip address as it connects.
    Here is the log file for FileZilla -

    Status: Connecting to 70.44.41.222:21...
    Status: Connection established, waiting for welcome message...
    Response: 220 Microsoft FTP Service
    Command: USER anonymous
    Response: 331 Anonymous access allowed, send identity (e-mail name) as password.
    Command: PASS **************
    Response: 230 Anonymous user logged in.
    Command: SYST
    Response: 215 Windows_NT
    Command: FEAT
    Response: 500 'FEAT': command not understood
    Status: Connected
    Status: Retrieving directory listing...
    Command: PWD
    Response: 257 "/" is current directory.
    Command: TYPE I
    Response: 200 Type set to I.
    Command: PASV
    Response: 227 Entering Passive Mode (70,44,41,222,9,133).
    Command: LIST
    Response: 425 Can't open data connection.
    Error: Failed to retrieve directory listing

    Looks to be looking for port 2437.
    Does the server tell it which port to connect to?
    If so, I presume I need to make Exceptions for a range of ports?
  6. #4
  7. No Profile Picture
    Grumpier old Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Jun 2003
    Posts
    14,453
    Rep Power
    4539
    Response: 227 Entering Passive Mode (70,44,41,222,9,133).
    The two numbers after the IP identify the port. Google should find you the formula

    I'm not sure you need to open ports in the firewall, but if you have a router you probably need to forward a range of ports through the router to the server.

    There's a lot I don't know about IIS FTP though, never used it myself. On my linux ftp serverm, I configured pasv ports to use a range of only 100 (a low-traffic site) and ended up having to forward a range 50000 to 50100.

    Anyway, I don't know for sure that any of this is applicable to your particular problem, there could be something else that affected your ftp server.
    ======
    Doug G
    ======
    Bartender to Rene Descartes "have another beer?" Descartes: "I think not" and he vanished.
    --Alfred Bester
  8. #5
  9. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2010
    Posts
    85
    Rep Power
    0
    Originally Posted by jpwilk
    Command: PASV
    Response: 227 Entering Passive Mode (70,44,41,222,9,133).
    Command: LIST
    Response: 425 Can't open data connection.
    Error: Failed to retrieve directory listing
    please make sure you use ACTIVE mode. You'll see your FTP can work now.

    Good luck

IMN logo majestic logo threadwatch logo seochat tools logo