Hi
Hope someone can help me - i have compiled lftp-3.7.13 with openssl-0.9.8k on an aix 5.3 machine using gcc. When I try to connect to the remote host using TLS the initial handshake works fine but it cannot open a data port. If I use lftp in regular mode there is no problem with using the data port. My current settings are: set ftp:passive-mode no set ftp:ssl-allow yes set ftp:ssl-auth TLS set ftp:ssl-force true set ftp:ssl-protect-data yes set ftp:ssl-protect-list yes set ftp:use-mdtm no set ftp:use-size no set ssl:cert-file ./cert.pem set ssl:key-file ./key.pem Session log: ---> FEAT <--- 211- Extensions supported: <--- AUTH TLS <--- PBSZ <--- PROT <--- CCC <--- 211 END ---> AUTH TLS <--- 234 AUTH command accepted ---> USER ftp Certificate depth: 0; subject: /C=GB/ST=UK/L=xxxx/O=xxxxx/OU=xxxxx/CN=xxxxx/emailAddress=xxxxxx; issuer: /C=GB/ST=xx/L=xxx/O=xxx/OU=xxx/CN=xxxxxx/emailAddress=xxxxx WARNING: Certificate verification: self signed certificate <--- 331 User name is OK. Password needed for:ftp ---> PASS XXXX <--- 230 User logged in ---> PWD <--- 502 Command not implemented ---> PBSZ 0 <--- 200 PBSZ command successful ---> PROT P <--- 200 PROT command successful ---> TYPE I <--- 200 Type set to 'I' ---> PORT 10,165,192,26,252,246 <--- 200 'PORT' command OK. IP and Port set as:10.165.192.26:64758 ---> RETR /dev/tfs/BiiStaExpA <--- 150 BINARY data connection established for 'RETR' <--- 425 Cannot open data connection ---- Closing data socket ---> PORT 10,165,192,26,253,9 <--- 200 'PORT' command OK. IP and Port set as:10.165.192.26:64777 ---> RETR /dev/tfs/BiiStaExpA <--- 150 BINARY data connection established for 'RETR' <--- 425 Cannot open data connection ---- Closing data socket ---> PORT 10,165,192,26,253,26 <--- 200 'PORT' command OK. IP and Port set as:10.165.192.26:64794 ---> RETR /dev/tfs/BiiStaExpA <--- 150 BINARY data connection established for 'RETR' <--- 425 Cannot open data connection Hoping someone can point me in the right direction My network admin colleague made the following observation "its odd we send you a syn packet, and expecting back a syn_ack but your client sends us a reset ack instead to close the connection. Do you see anything on your logs for a reason why?" Many thanks in advance. Craig _________________________________________________________________ View your Twitter and Flickr updates from one place – Learn more! http://clk.atdmt.com/UKM/go/137984870/direct/01/
