Hi all, I have this teething problem with SSL implementation. Below is the following info & problem faced. The environment/configuration: 1) WS_FTP Server 3.11sits behind Checkpoint Firewall and does NAT 2) Client uses WS_FTP Pro 7.0 - no firewall 3) Client connects to server via dial-up (eg: 28.8kbps modem) 4) Ftp connection is enabled only for PORT mode (Active ftp). Passive is not enabled. 5) Client enables SSL on WS_FTP Pro Scenario: 1) Client connect to ftp server 2) Secure communication is establish (ack is sent back after client sent PORT command - indicated by code 200) 3) WS_FTP Pro automatically sends MLSD(or LIST) command to server 4) Server attempts to establish data connection on Port 20 5) Netstat revealed server's state is at "SYNC_SENT" on port 20. 6) Data connection fails The Log: AUTH SSL 234 SSL enabled and waiting for negotiation XAUT 2 <1<7?4D;6?78C;D<87<4?:D1<2<5?4D?6?81C5?<<585?3 230 user logged in Host type (I): WS_FTP Server Host type (I): WS_FTP Server PWD 257 "/users/0030" is current directory PORT 165,21,166,142,4,187 200 command successful MLSD 425 Can't open data connection. Without the firewall, I am able to connect to the server via LAN(not dial-up) using SSL. Has anyone implemented SSL on similar environment/configs as my server aboved? Has anyone face similar problems and managed to solve it? your help is greatly appreciated. regards, Jason Jason Lee Systems Executive E-Commerce DID : 65-6374-0503 TEL : 65-6272-0533 FAX : 65-6272-2334 Network For Electronic Transfers (S) Pte Ltd 298 Tiong Bahru Road #04-01/06 Central Plaza Singapore 168730 http://www.nets.com.sg ******************************************************************************** IMPORTANT NOTICE: This email and any files transmitted with it is intended only for the use of the person(s) to whom it is addressed, and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you are not the intended recipient, please immediately notify the sender and delete the email. Thank you. ******************************************************************************** Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from this list.
