FileZilla Forums

Welcome to the official discussion forums for FileZilla
Donate to project
It is currently 2014-04-19 14:29

All times are UTC




Post new topic Reply to topic  [ 40 posts ]  Go to page Previous  1, 2, 3  Next
Author Message
PostPosted: 2008-03-03 04:38 
Online
226 Transfer OK
User avatar

Joined: 2006-05-01 03:28
Posts: 19646
Location: Germany
That explains it very well. In future I simply will refer to this article instead of repeating myself over and over...

_________________
### BEGIN SIGNATURE BLOCK ###
FTP connection problems? Do yourself a favor and read Network Configuration.
All FileZilla products fully support IPv6. http://worldipv6launch.org
All support requests per PM will be ignored!
### END SIGNATURE BLOCK ###


Top
 Profile  
 
PostPosted: 2008-10-09 03:21 
Offline
500 Command not understood

Joined: 2008-10-09 03:18
Posts: 1
Opening up a custom port range for passive mode on Filezilla server worked great for me! I was getting the same error. Thanks! Brandon Joyce


Top
 Profile  
 
PostPosted: 2008-11-07 22:47 
Offline
500 Command not understood

Joined: 2008-11-07 22:41
Posts: 2
I found it!

I had FTPS configured on port 990 on my server.

My firewall (server side) would only allow connection through port 990.

So I could login but not transfer data.

My passive port range was default. So basicly I had no ports open for data transfer.

I allowed firewall trafic on port 40000, 40001 and set my range to that.

And BINGO! it works.

Of couse I had all the rest of the configuration like suggested by the wiki.

Hope this helps.

Regards,

Simon


Top
 Profile  
 
PostPosted: 2009-03-12 01:30 
Offline
500 Command not understood

Joined: 2009-03-12 01:21
Posts: 4
OK, I've read all the wiki pages and all the tricks in these postings and my problem seems to be with the Filezilla CLIENT, not the Filezilla SERVER.
The Server is running on a WS2K8 platform and with everything set to default, no custom at all, with the router port forwarding only port 20-21, I can access the server with Fetch on a Macintosh or with command-line FTP on a Windows Vista PC both of which are behind the same router/firewall but external to the Filezilla Server. The server is external, I control it via RDC.
But the Filezilla CLIENT reports the 425 error no matter what I do or where I try it from -- even from another PC on the SAME internal network as the server. Can somebody tell me why this is so?
(command-line FTP works from that same PC on the internal network. It is only Filezilla client that gets this error while trying to contact the Filezilla FTP server. I can connect to other FTP servers!)

P.S. Should have said, I'm looking to find out WHY Filezilla client was having access problems when other programs were not having a problem. I added the Filezilla Server program to the WS2K8 firewall exceptions and Filezilla cleint can now access OK. Still wondering why other clients were able to access without the firewall exception being required. Are they smarter? Or do they cheat in some way that Filezilla doesn't?


Top
 Profile  
 
PostPosted: 2009-03-12 03:05 
Online
226 Transfer OK
User avatar

Joined: 2006-05-01 03:28
Posts: 19646
Location: Germany
Quote:
my problem seems to be with the Filezilla CLIENT, not the Filezilla SERVER
Wrong. Server problem. Read on.

Quote:
The Server is running on a WS2K8 platform and with everything set to default, no custom at all, with the router port forwarding only port 20-21
Incomplete configuration. Network Configuration

Quote:
I can access the server with Fetch on a Macintosh or with command-line FTP on a Windows Vista PC both of which are behind the same router/firewall but external to the Filezilla Server
Don't know Fetch, but Windows FTP uses Active mode and only one connection. In this case your setup will work.

Quote:
But the Filezilla CLIENT reports the 425 error no matter what I do or where I try it from -- even from another PC on the SAME internal network as the server. Can somebody tell me why this is so?
Filezilla uses Passive mode by default. Any further actions open seperate connections. Only the control connection is established on port 21, all further are made on other ports (the whole port range 1025-65535 by default, but can be restricted).

Quote:
I added the Filezilla Server program to the WS2K8 firewall exceptions and Filezilla cleint can now access OK.
You just opened the whole port range for Filezilla Server.

Quote:
Still wondering why other clients were able to access without the firewall exception being required. Are they smarter? Or do they cheat in some way that Filezilla doesn't?
Neither - they are definitely not smarter and they aren't cheating. They simply connect in a way that requires no ports opened besides 21/20.

_________________
### BEGIN SIGNATURE BLOCK ###
FTP connection problems? Do yourself a favor and read Network Configuration.
All FileZilla products fully support IPv6. http://worldipv6launch.org
All support requests per PM will be ignored!
### END SIGNATURE BLOCK ###


Top
 Profile  
 
PostPosted: 2009-03-12 03:21 
Offline
500 Command not understood

Joined: 2009-03-12 01:21
Posts: 4
Quote:
I added the Filezilla Server program to the WS2K8 firewall exceptions and Filezilla cleint can now access OK.
You just opened the whole port range for Filezilla Server.

Yet, I did not open any ports other than 20/21 on the router/firewall/NAT box. So how is that Filezilla client can now get thru whereas it couldn't before? Fetch on Mac uses passive.


Top
 Profile  
 
PostPosted: 2009-03-12 05:19 
Online
226 Transfer OK
User avatar

Joined: 2006-05-01 03:28
Posts: 19646
Location: Germany
Adding an application to the exclusion list of the firewall allows this application to communicate freely. In reality it doesn't work always, but in your case it seems to.

Examine the server reply to PASV. It directs the client where to connect to.

Example (text may vary): 2009-03-12 06:12:28 - anonymous-2 (127.0.0.1) < 227 Entering Passive Mode (127,0,0,1,8,1)

The first four numbers (green) are the IP of the server. Interesting for us are the last two. Multiply the first number by 256 and add the second.

8*256+1=2049

So in my case the client will connect to 127.0.0.1, port 2049.


Now I would love to see one of Fetch...

_________________
### BEGIN SIGNATURE BLOCK ###
FTP connection problems? Do yourself a favor and read Network Configuration.
All FileZilla products fully support IPv6. http://worldipv6launch.org
All support requests per PM will be ignored!
### END SIGNATURE BLOCK ###


Top
 Profile  
 
PostPosted: 2009-03-12 07:24 
Offline
500 Command not understood

Joined: 2009-03-12 01:21
Posts: 4
boco wrote:
Adding an application to the exclusion list of the firewall allows this application to communicate freely. In reality it doesn't work always, but in your case it seems to.
Now I would love to see one of Fetch...


Thanks for all the assistance from the forum -- I will see if I can find out watch Fetch is up to.

Here's the trace;
PASV
227 Entering Passive Mode (58,173,105,17,195,89)
Making data connection to 58.173.105.17 port 50009
LIST -al
150 Connection accepted

Note: Fetch still works whether I have the Windows Server firewall open or not.
Filezilla (and Firefox browser) don't work until I open the firewall for the Filezilla Server.
I'll do a trace on Fetch when the firewall is closed as the above was with it open.
Fetch took a while to get the directory this time but still managed. Then I gave the PASV command;

227 Entering Passive Mode (58,173,105,17,195,92)
PWD
257 "/" is current directory.
TYPE A
200 Type set to A
PORT 192,168,0,3,192,159
200 Port command successful
LIST -al
.......
226 Transfer OK
PWD
257 "/" is current directory.


Top
 Profile  
 
PostPosted: 2009-03-13 00:29 
Online
226 Transfer OK
User avatar

Joined: 2006-05-01 03:28
Posts: 19646
Location: Germany
Quote:
PORT 192,168,0,3,192,159
200 Port command successful
LIST -al
.......
226 Transfer OK
PWD
257 "/" is current directory.
It didn't use Passive mode at all. PORT is Active mode. Looks like a fallback.

_________________
### BEGIN SIGNATURE BLOCK ###
FTP connection problems? Do yourself a favor and read Network Configuration.
All FileZilla products fully support IPv6. http://worldipv6launch.org
All support requests per PM will be ignored!
### END SIGNATURE BLOCK ###


Top
 Profile  
 
PostPosted: 2009-03-13 01:01 
Offline
500 Command not understood

Joined: 2009-03-12 01:21
Posts: 4
boco wrote:
Quote:
PORT 192,168,0,3,192,159
200 Port command successful
LIST -al
.......
226 Transfer OK
PWD
257 "/" is current directory.
It didn't use Passive mode at all. PORT is Active mode. Looks like a fallback.


Ahah. Saves the user needing to have a clue. Macintosh. Say no more.


Top
 Profile  
 
PostPosted: 2009-04-06 21:13 
Offline
500 Command not understood

Joined: 2009-04-06 20:57
Posts: 1
I used DLink DI-524 as my wireless router. I created cutom port range at router's firewall for FileZilla passvie FTP. However I forget to set the destination local IP address for the port range, where the FileZilla Server is resided (Maybe lazy, I just type*). so FileZilla only work on random basis, which huanted me for quite a while. Open Windows Firewall, turn off VirusScaner did not help either.

Once the custom port range (I used 5000~5100) is set correctly, I don't have "425 Can't open data connection" any more.


Top
 Profile  
 
PostPosted: 2009-07-08 03:39 
Offline
500 Command not understood

Joined: 2009-07-08 03:32
Posts: 1
boco wrote:
It's all about users not understanding the concept of FTP completely.

You need to have (Passive FTP)
-a well behaving (non-interfering) router/firewall (if at all)
-correctly limited Passive port range and set external IP in server's Passive settings
-correct port-forwarding of the server's listening port AND the Passive port range

If any of the three points fails = No go.



Thank you very much Boco! If you put this on the Wiki, most peeps would have lots less problems. Most of the time, us experienced 15+yr admins can forget these ports (maybe it's old age!). Short and sweet and to the point gets it done. Telling everyone they have a trash router is not a good answer. Tell Tim to get with it! :lol:

All joking aside, WRT-54G with DD-WRT software works great with a Win7 server I'm using. I LOVE Fileziller client AND server!


Top
 Profile  
 
PostPosted: 2009-07-08 04:52 
Offline
500 Command not understood

Joined: 2009-07-08 04:32
Posts: 1
I have this problem. First here is my log:

000035) 7/8/2009 0:46:01 AM - (not logged in) (71.178.13.9)> Connected, sending welcome message...
(000035) 7/8/2009 0:46:01 AM - (not logged in) (71.178.13.9)> 220-FileZilla Server version 0.9.32 beta
(000035) 7/8/2009 0:46:01 AM - (not logged in) (71.178.13.9)> 220-written by Tim Kosse (Tim.Kosse@gmx.de)
(000035) 7/8/2009 0:46:01 AM - (not logged in) (71.178.13.9)> 220 Please visit http://sourceforge.net/projects/filezilla/
(000035) 7/8/2009 0:46:06 AM - (not logged in) (71.178.13.9)> USER anonymous
(000035) 7/8/2009 0:46:06 AM - (not logged in) (71.178.13.9)> 331 Password required for anonymous
(000035) 7/8/2009 0:46:12 AM - (not logged in) (71.178.13.9)> PASS *******************
(000035) 7/8/2009 0:46:12 AM - (not logged in) (71.178.13.9)> 530 Login or password incorrect!
(000035) 7/8/2009 0:46:30 AM - (not logged in) (71.178.13.9)> USER michael
(000035) 7/8/2009 0:46:30 AM - (not logged in) (71.178.13.9)> 331 Password required for michael
(000035) 7/8/2009 0:46:40 AM - (not logged in) (71.178.13.9)> PASS ******
(000035) 7/8/2009 0:46:40 AM - michael (71.178.13.9)> 230 Logged on
(000035) 7/8/2009 0:46:53 AM - michael (71.178.13.9)> SYST
(000035) 7/8/2009 0:46:53 AM - michael (71.178.13.9)> 215 UNIX emulated by FileZilla
(000035) 7/8/2009 0:46:53 AM - michael (71.178.13.9)> PWD
(000035) 7/8/2009 0:46:53 AM - michael (71.178.13.9)> 257 "/" is current directory.
(000035) 7/8/2009 0:46:53 AM - michael (71.178.13.9)> TYPE I
(000035) 7/8/2009 0:46:53 AM - michael (71.178.13.9)> 200 Type set to I
(000035) 7/8/2009 0:46:53 AM - michael (71.178.13.9)> PASV
(000035) 7/8/2009 0:46:53 AM - michael (71.178.13.9)> 227 Entering Passive Mode (192,168,1,150,195,82)
(000035) 7/8/2009 0:46:53 AM - michael (71.178.13.9)> SIZE /
(000035) 7/8/2009 0:46:53 AM - michael (71.178.13.9)> 550 File not found
(000035) 7/8/2009 0:46:53 AM - michael (71.178.13.9)> MDTM /
(000035) 7/8/2009 0:46:53 AM - michael (71.178.13.9)> 550 File not found
(000035) 7/8/2009 0:46:53 AM - michael (71.178.13.9)> RETR /
(000035) 7/8/2009 0:46:53 AM - michael (71.178.13.9)> 550 File not found
(000035) 7/8/2009 0:46:53 AM - michael (71.178.13.9)> PASV
(000035) 7/8/2009 0:46:53 AM - michael (71.178.13.9)> 227 Entering Passive Mode (192,168,1,150,195,83)
(000035) 7/8/2009 0:46:53 AM - michael (71.178.13.9)> CWD /
(000035) 7/8/2009 0:46:53 AM - michael (71.178.13.9)> 250 CWD successful. "/" is current directory.
(000035) 7/8/2009 0:46:53 AM - michael (71.178.13.9)> LIST
(000035) 7/8/2009 0:47:04 AM - michael (71.178.13.9)> 425 Can't open data connection.
(000035) 7/8/2009 0:47:07 AM - michael (71.178.13.9)> disconnected.

My windows firewall on the server is off right now, in order to not have to deal with it.

On my router, I have it forwarding Port any ->21 and 50000-51000.
Here is the rule as it looks in my router settings:

FTP - TCP Any -> 21
Application - TCP 50000-51000 -> 50000-51000

When I FTP in using the local LAN ip address, it works fine.

So what gives. Why can't I connect via FTP? I tried this on both a windows and mac. I used Firefox to logon to the FTP.

Help me out here please.


Top
 Profile  
 
PostPosted: 2009-07-08 07:31 
Offline
Site Admin
User avatar

Joined: 2004-02-23 20:49
Posts: 22535
Read the Network Configuration guide. Multiple times if needed, the information you seek is in there.


Top
 Profile  
 
PostPosted: 2009-07-09 00:26 
Online
226 Transfer OK
User avatar

Joined: 2006-05-01 03:28
Posts: 19646
Location: Germany
mrod305 wrote:
(000035) 7/8/2009 0:46:53 AM - michael (71.178.13.9)> 227 Entering Passive Mode (192,168,1,150,195,83)
The used port (50003) is correct within the Passive range. But the server is sending the wrong IP (192.168.1.150 is in Private IP range Class C 192.168.1.0/24). You must tell Filezilla Server the external IP (WAN IP of the router) in Passive settings. Best would be to use the 'Retrieve' setting.

_________________
### BEGIN SIGNATURE BLOCK ###
FTP connection problems? Do yourself a favor and read Network Configuration.
All FileZilla products fully support IPv6. http://worldipv6launch.org
All support requests per PM will be ignored!
### END SIGNATURE BLOCK ###


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 40 posts ]  Go to page Previous  1, 2, 3  Next

All times are UTC


Who is online

Users browsing this forum: Bing [Bot] and 10 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Dedicated server provided by Artmotion.
Forum sponsored by Everyware.ch.
Powered by phpBB® Forum Software © phpBB Group