I am attempting to connect to my FileZillaServer which I have set up properly for FTPS with a generated certificate and all appropriate ports forwarded through my home firewall (21,990, 30000-30100) and everything works fine as long as my remote computer has unrestricted access to the internet.
I find myself working at a location that has a managed firewall and I am unable to download the directory structure.
Filezilla completes the handshake but cannot seem to retrieve the directory listing.
Status: Connecting to XX.XX.XX.XX:21...
Status: Connection established, waiting for welcome message...
Status: Plain FTP is insecure. Please switch to FTP over TLS.
Status: Logged in
Status: Retrieving directory listing...
Status: Directory listing of "/" successful
Status: Disconnected from server
Status: Resolving address of
Status: Connecting to XX.XX.XX.XX:21...
Status: Connection established, waiting for welcome message...
Status: Initializing TLS...
Status: Verifying certificate...
Status: TLS connection established.
Status: Logged in
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is current directory.
Command: TYPE I
Response: 200 Type set to I
Command: PASV
Response: 227 Entering Passive Mode (XX,XX,XX,XX,XX,XX)
Command: MLSD
Response: 425 Can't open data connection for transfer of "/"
Error: Failed to retrieve directory listing
Status: Disconnected from server
Needless to say I need to have a talk with the firewall management company.
Do I need to tell them that they need to allow ports 21 & 990
or do they need to open up the 30000-30100 as well?
Thanks for the help
FTP through managed firewall. slightly different question
Moderator: Project members
Re: FTP through managed firewall. slightly different question
Yes, for the data connections to work the client needs to be allowed to connect to whatever port the server desires. Since the port is assigned server-side, it's best to just allow the clients to connect to all ports in the range 1-65535.
Re: FTP through managed firewall. slightly different question
Thanks you for the reply.
Somehow I have a feeling that the firewall management company are going to Freak at opening up all the ports.
Even though I take issue with the philosophy that opening all outgoing ports is a security risk, the firewall management companies tend to operate on the idea that only about 10 ports should be necessary.
Since my filezilla server is constrained to 30000-30100 I will have them open that range as well.
Thank you again for your reply.
Cheers
Somehow I have a feeling that the firewall management company are going to Freak at opening up all the ports.
Even though I take issue with the philosophy that opening all outgoing ports is a security risk, the firewall management companies tend to operate on the idea that only about 10 ports should be necessary.
Since my filezilla server is constrained to 30000-30100 I will have them open that range as well.
Thank you again for your reply.
Cheers
Re: FTP through managed firewall. slightly different question
Oh, I guess even only mentioning FTP will already be enough to drive them up into the treetops...
No support requests over PM! You will NOT get any reply!!!
FTP connection problems? Please read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
FileZilla Pro support: https://customerforum.fileZilla-project.org
FTP connection problems? Please read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
FileZilla Pro support: https://customerforum.fileZilla-project.org