425 Can't open data connection for transfer of "/" Error:Failed to retrieve directory listing

Need help with FileZilla Server? Something does not work as expected? In this forum you may find an answer.

Moderator: Project members

Post Reply
Message
Author
syahmed
504 Command not implemented
Posts: 6
Joined: 2020-10-28 08:59
First name: syed
Last name: ahmed

425 Can't open data connection for transfer of "/" Error:Failed to retrieve directory listing

#1 Post by syahmed » 2020-10-28 12:13

I have a AWS Instance which is behind the fortigate firewall. The FTP does not work if the instance is behind the firewall and below are the errors I get on Client and Server of Filezilla

On the CLient Side
Response: 227 Entering Passive Mode
Command: MLSD
425 Can't open data connection for transfer of "/"
Error: Failed to retrieve directory listing

ON the server side
(000042)28/10/2020 15:09:52 PM - geidea (172.32.1.10)> 230 Logged on
(000042)28/10/2020 15:09:52 PM - geidea (172.32.1.10)> PWD
(000042)28/10/2020 15:09:52 PM - geidea (172.32.1.10)> 257 "/" is current directory.
(000042)28/10/2020 15:09:52 PM - geidea (172.32.1.10)> TYPE I
(000042)28/10/2020 15:09:52 PM - geidea (172.32.1.10)> 200 Type set to I
(000042)28/10/2020 15:09:52 PM - geidea (172.32.1.10)> PASV
(000042)28/10/2020 15:09:52 PM - geidea (172.32.1.10)> 227 Entering Passive Mode (IP Address)
(000042)28/10/2020 15:09:52 PM - geidea (172.32.1.10)> MLSD
(000042)28/10/2020 15:10:02 PM - geidea (172.32.1.10)> 425 Can't open data connection for transfer of "/"

User avatar
botg
Site Admin
Posts: 33233
Joined: 2004-02-23 20:49
First name: Tim
Last name: Kosse
Contact:

Re: 425 Can't open data connection for transfer of "/" Error:Failed to retrieve directory listing

#2 Post by botg » 2020-10-28 14:40

All diagnostic information has been corrupted. Please post a complete an unmodified log.

syahmed
504 Command not implemented
Posts: 6
Joined: 2020-10-28 08:59
First name: syed
Last name: ahmed

Re: 425 Can't open data connection for transfer of "/" Error:Failed to retrieve directory listing

#3 Post by syahmed » 2020-11-01 12:31

Logs attached for the error.

Status: Connecting to 18.190.140.8:21...
Status: Connection established, waiting for welcome message...
Status: Insecure server, it does not support FTP over TLS.
Status: Logged in
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is current directory.
Command: TYPE I
Response: 200 Type set to I
Command: PASV
Response: 227 Entering Passive Mode (172,32,0,10,198,99)
Command: MLSD
Response: 425 Can't open data connection for transfer of "/"
Error: Failed to retrieve directory listing
Attachments
fzs-2020-11-01.log
(539.4 KiB) Downloaded 6 times

User avatar
boco
Contributor
Posts: 25325
Joined: 2006-05-01 03:28
Location: Germany

Re: 425 Can't open data connection for transfer of "/" Error:Failed to retrieve directory listing

#4 Post by boco » 2020-11-02 00:19

The IP shown in the PASV response is incorrect, 172.32.0.10 is a private IP address (former private Class B range). That IP will not work over the Internet.

You must have the server return the public IP in the PASV response, which would be 18.190.140.8. As you say this is an actual web server (with a static IP), just enter that IP into the "Use the following IP" field (FileZilla Server Passive settings).

And, you should really activate and use FTP over TLS.
### BEGIN SIGNATURE BLOCK ###
No support requests per PM! You will NOT get any reply!!!
FTP connection problems? Do yourself a favor and read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
### END SIGNATURE BLOCK ###

syahmed
504 Command not implemented
Posts: 6
Joined: 2020-10-28 08:59
First name: syed
Last name: ahmed

Re: 425 Can't open data connection for transfer of "/" Error:Failed to retrieve directory listing

#5 Post by syahmed » 2020-11-02 03:33

I have done that already and still the same issue.
Attachments
ftp-passive mode.PNG
ftp-passive mode.PNG (326.04 KiB) Viewed 279 times

syahmed
504 Command not implemented
Posts: 6
Joined: 2020-10-28 08:59
First name: syed
Last name: ahmed

Re: 425 Can't open data connection for transfer of "/" Error:Failed to retrieve directory listing

#6 Post by syahmed » 2020-11-02 03:36

And another strange thing that I have noticed is that when I use port 2121 as a listener on the FTP server and use the same on the FTP client, it works perfectly fine.
Attachments
ftp-port-21.PNG
ftp-port-21.PNG (90.25 KiB) Viewed 279 times

User avatar
boco
Contributor
Posts: 25325
Joined: 2006-05-01 03:28
Location: Germany

Re: 425 Can't open data connection for transfer of "/" Error:Failed to retrieve directory listing

#7 Post by boco » 2020-11-02 04:00

In that case, your firewall fucks it up. Unfortunately, that's a common occurrence. Using a different port from the default (firewall watches only default ports) and/or using FTP over TLS (FTPS, firewall cannot read traffic) will work around this.

Read the chapter about malicious firewalls in the Network Configuration.
### BEGIN SIGNATURE BLOCK ###
No support requests per PM! You will NOT get any reply!!!
FTP connection problems? Do yourself a favor and read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
### END SIGNATURE BLOCK ###

syahmed
504 Command not implemented
Posts: 6
Joined: 2020-10-28 08:59
First name: syed
Last name: ahmed

Re: 425 Can't open data connection for transfer of "/" Error:Failed to retrieve directory listing

#8 Post by syahmed » 2020-11-03 11:53

I have configured another similar Fortigate FIrewall and an a new AWS Instance is behind this firewall. File Zilla Server is installed and configured on this AWS instance and now I am able to successfully connect and establish the connection using port 21. Where as in the previous scenario I was unable to connect using the same scenario and port 21.

FTP Client results from successful connection:
Status: Connection established, waiting for welcome message...
Status: Insecure server, it does not support FTP over TLS.
Status: Logged in
Status: Retrieving directory listing...
Status: Server sent passive reply with unroutable address. Using server address instead.
Status: Directory listing of "/" successful


FTP Client results from unsuccessful connection:
Status: Connecting to 18.190.140.8:21...
Status: Connection established, waiting for welcome message...
Status: Insecure server, it does not support FTP over TLS.
Status: Logged in
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is current directory.
Command: TYPE I
Response: 200 Type set to I
Command: PASV
Response: 227 Entering Passive Mode (172,32,0,10,195,114)
Command: MLSD
Response: 425 Can't open data connection for transfer of "/"
Error: Failed to retrieve directory listing
Attachments
ftp-unsuccessful.PNG
ftp-unsuccessful.PNG (66.96 KiB) Viewed 230 times
ftp-successful.PNG
ftp-successful.PNG (52.48 KiB) Viewed 230 times

syahmed
504 Command not implemented
Posts: 6
Joined: 2020-10-28 08:59
First name: syed
Last name: ahmed

Re: 425 Can't open data connection for transfer of "/" Error:Failed to retrieve directory listing

#9 Post by syahmed » 2020-11-03 12:02

and on the successful connection this is something I have found different:
Attachments
unroutable address.PNG
unroutable address.PNG (30.59 KiB) Viewed 229 times

Post Reply