Are you using FTP w/SSL? If so, you basically have no choice but to use passive mode. If you can't, you probably will never get FTP w/ SSL to work. If you're NOT using FTP w/ SSL and it's just basic FTP, has your firewall been setup to "fixup" the FTP protocol? Since you're using NAT your firewall has to recognize the FTP traffic and re-write not just the packet headers (Source & Destination addresses) but also the internal data-frames of the FTP packets. FTP is an "old school" protocol that embeds source & destination addresses in the datagram. Probably a bad design decision back then, but in 1960-whatever no one envisioned NAT so.... it only became a problem many years later.
Make sure your firewall is doing "fixup" (cisco terminology, probably called something else on other products) for FTP. Good luck. ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Schuessler, Doug Sent: Wednesday, February 07, 2007 10:46 AM To: [email protected] Subject: RE: [WS_FTP Forum] Directory listing not work Our firewall rules block passive mode, so that is not an option. I am unable to access the URL provided (cannot find the server or DNS error). We use 192.168.. for our internal network. Isn't this a non-routable address? ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Claudio Robles Sent: Wednesday, February 07, 2007 7:21 AM To: [email protected] Subject: RE: [WS_FTP Forum] Directory listing not work Doug, This is probably the most common problem in FTP, can not establish data channel. In this case, the server can not connect to the client on the ip, port specified. Most of the time this is due to firewalls blocking the new connections. I would try passive mode. For more info look at this page: http://192.168.5.164/data%20channel.htm Claudio ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Schuessler, Doug Sent: Tuesday, February 06, 2007 3:57 PM To: WS_FTP Pro forum LISTSERV Cc: Carrethers, Larry Subject: [WS_FTP Forum] Directory listing not work Customer complains that directory listing doesn't work, so can only do a CD blindly. I have pasted his log below, which shows no response to LIST. I'm stumped as to why. He is using PRO 8 and connecting to SERVER 5. None of my other customers have this problem and I can't reproduce it using PRO 9. Anybody have any ideas? Finding Host sftp.1stsignal.com ... Connecting to 204.58.233.197:21 Connected to 204.58.233.197:21 in 0.050071 seconds, Waiting for Server Response 220-TCSFTP01P X2 WS_FTP Server 5.0.4 (1259873180) 220-************************************************** 220-* Access To This Computer's Information Is * 220-* Restricted To Authorized Persons Only * 220-************************************************** 220-* Unauthorized use of this information, access * 220-* by unauthorized persons, or exceeding * 220-* authorized access is computer fraud and a * 220-* violation of Federal Law (18 USC 1030). * 220-* Anyone using this system expressly consents to * 220-* computer activity monitoring and is advised * 220-* that if such monitoring reveals possible * 220-* evidence of criminal activity, system * 220-* personnel may provide the evidence of such * 220-* monitoring to law enforcement officials. * 220-************************************************** 220 TCSFTP01P X2 WS_FTP Server 5.0.4 (1259873180) Host type (1): WS_FTP Server XAUT 2 ?<819=;<=58@:?<<B?;=;9;>>;;56?:3=4896> 500 'XAUT ': command not understood by proxy. USER Affinity4 331 Password required PASS (hidden) 230-user logged in 230-Welcome Affinity4 230-You have 1 files. 230-You have received 0 files. 230-You have sent 0 files. 230 user logged in Host type (I): WS_FTP Server PWD 257 "/Affinity4" is current directory TYPE A 200 Type set to ASCII. PORT 172,16,20,55,15,140 200 command successful MLSD 500 'MLSD ': command not understood by proxy. PORT 172,16,20,55,15,141 200 command successful LIST 150 Opening ASCII data connection for directory listing PWD 257 "/Affinity4" is current directory CWD cd in 550 cd in: folder not found XCWD cd in 550 cd in: folder not found CWD /in 550 /in: folder not found XCWD /in 550 /in: folder not found CWD cd /in 550 cd /in: folder not found XCWD cd /in 550 cd /in: folder not found CWD in 250 CWD successful PWD 257 "/Affinity4/in" is current directory PORT 172,16,20,55,15,149 200 command successful LIST 150 Opening ASCII data connection for directory listing CWD 03200 250 CWD successful PWD 257 "/Affinity4/in/03200" is current directory PORT 172,16,20,55,15,152 200 command successful LIST 150 Opening ASCII data connection for directory listing CDUP 200 CDUP successful PWD 257 "/Affinity4/in" is current directory PORT 172,16,20,55,15,154 200 command successful LIST 150 Opening ASCII data connection for directory listing <<Schuessler, Doug.vcf>> http://www.realmed.com/legal/confidential.htm
