Extended Passive Mode (EPSV) works but regular PASV doesn't?

Need help with FileZilla Server? Something does not work as expected? In this forum you may find an answer.

Moderator: Project members

Post Reply
Message
Author
felciano
500 Command not understood
Posts: 3
Joined: 2007-05-21 05:03

Extended Passive Mode (EPSV) works but regular PASV doesn't?

#1 Post by felciano » 2007-05-21 05:10

Hi --

I'm trying to set up a remote script to back up my site to my local PC. I've got Filezilla Server configured and it seems to work. In particular, I can get via Active FTP as well as ESVP, using http://www.g6ftpserver.com/en/ftptest. So I'm pretty sure my router port forwarding (51000-51100) and Firewall are configured correctly.

However, when trying to log in with PASV mode using the g6ftpserver test I get:

(000004) 5/20/2007 22:06:34 PM - anonymous (87.98.200.117)> PASV
(000004) 5/20/2007 22:06:34 PM - anonymous (87.98.200.117)> 227 Entering Passive Mode (67,188,41,57,199,58)
(000004) 5/20/2007 22:06:55 PM - anonymous (87.98.200.117)> disconnected.

and the g6ftpserver test log reads:

> PASV
* Connect data stream passively
< 227 Entering Passive Mode (67,188,41,57,195,85)
* Trying 67.188.41.57... Timed out
* couldn't connect to host
* Connection #0 to host 67.188.41.57 left intact

FWIW, my broadband is through Comcast. I've tested this with different port forwarding ranges as well as with the firewall disabled, to no avail. I've also reproduced this with a demo version of the G6FTP Server, so it must be a configuration option.

Any suggestions? What is supposed to happen after it "enters" passive mode as in the log above?

Thanks!

Ramon

P.S. Unfortunately I don't have control over the backup process, which relies on PASV, else I'd tell it to use EPSV...
Top
felciano
500 Command not understood
Posts: 3
Joined: 2007-05-21 05:03

#2 Post by felciano » 2007-05-21 05:14

After perusing some of the related posts, I thought it might be helpful to post additional configuration info: I'm running XP 2002 SP2 on a NetGear WGT624v3. Norton Security's Firewall (disabled for these tests). Windows Firewall is installed but disabled.

Ramon
Top
User avatar
botg
Site Admin
Posts: 35566
Joined: 2004-02-23 20:49
First name: Tim
Last name: Kosse

#3 Post by botg » 2007-05-21 08:49

Definitely a problem with your router and/or firewall. Either incorrect configuration or broken hard/software.
Top
felciano
500 Command not understood
Posts: 3
Joined: 2007-05-21 05:03

Found it (?)

#4 Post by felciano » 2007-05-22 04:40

Wow -- on a hunch I Googled "NetGear WGT624v3 passive ftp" and found http://kbserver.netgear.com/pdf/wgt624v ... 5Apr05.pdf, which includes the text "Note: When SPI Firewall is disabled, you must use the Passive mode in the PC FTP client to connect to the FTP server."

So I tried disabling SPI, and passive FTP now works. According to the NetGear docs:
------------------------
Disable SPI Firewall - The SPI (Stateful Packet Inpection) Firewall protects your LAN against Denial of Service attacks. This should only be disabled in special circumstances.
------------------------
So I'm a little nervous about this -- seems like a temporary workaround at best... Any thoughts?

Ramon
Top
cszeto
226 Transfer OK
Posts: 242
Joined: 2006-04-27 08:48
Location: Arizona, USA

#5 Post by cszeto » 2007-05-22 05:19

http://filezilla.sourceforge.net/forum/ ... php?t=3352
Microsoft MVP (2004 through 2008)
Top
Post Reply

Return to “FileZilla Server Support”