hello support and community,
we have a bunch of iot devices which are using active ftp to transfer data over a 3g vpn connection to a very old ftp server (not filezilla). it is not possible to upgrade this ftp server to a newer version.
so i installed a complete new server and want to use on this server, filezilla ftp.
everything works fine, when i use a filezilla ftp client and access over active ftp the filezilla server.
if i use the iot devices i get the following error:
[Trace] session::on_socket_event(): source = data, flag = 2, error = 107, state = 6
here is the complete log. i removed ips, username and change datastore:
<Date/Time> Info [Type] Message
<24-10-2023 15:06:31> FTP Session 195 [Trace] Session 0x23b73269460 with ID 195 created.
<24-10-2023 15:06:31> FTP Session 195 [Response] 220-FileZilla Server 1.7.2
<24-10-2023 15:06:31> FTP Session 195 [Response] 220 Please visit https://filezilla-project.org/
<24-10-2023 15:06:31> FTP Session 195 [Command] USER
<24-10-2023 15:06:31> File-based Authenticator, FTP Session: 195 [Trace] Invoked authenticate(()) on worker 0x23b726eef20, with available methods = []
<24-10-2023 15:06:31> File-based Authenticator, FTP Session: 195 [Trace] Authentication for user not complete. Remaning methods: [password]
<24-10-2023 15:06:31> File-based Authenticator, FTP Session: 195 [Trace] Worker 0x23b726eef20 created new operation 0x23b7261c6e0, with shared_user = 0x0, methods = [password], error = 0
<24-10-2023 15:06:31> FTP Session 195 [Response] 331 Please, specify the password.
<24-10-2023 15:06:31> FTP Session 195 [Command] PASS ****
<24-10-2023 15:06:31> File-based Authenticator, FTP Session: 195 [Trace] Invoked authenticate((password)) on worker 0x23b726eef20, with available methods = [password]
<24-10-2023 15:06:31> File-based Authenticator, FTP Session: 195 [Trace] Authenticating user Methods requested: (password). Available methods: [password].
<24-10-2023 15:06:31> File-based Authenticator, FTP Session: 195 [Trace] Auth method password passed for user
<24-10-2023 15:06:31> File-based Authenticator, FTP Session: 195 [Trace] impersonation_token: { username: "", home: "" }
<24-10-2023 15:06:31> File-based Authenticator, FTP Session: 195 [Trace] Authentication for user is complete.
<24-10-2023 15:06:31> File-based Authenticator, FTP Session: 195 [Trace] impersonation_token: { username: "", home: "" }
<24-10-2023 15:06:31> File-based Authenticator, FTP Session: 195 [Trace] Worker 0x23b726eef20 created new operation 0x23b7261c820, with shared_user = 0x23b71d9aa30, methods = [], error = 0
<24-10-2023 15:06:31> File-based Authenticator, FTP Session: 195 [Trace] operation 0x23b7261c820 stop() erasing worker 0x23b726eef20
<24-10-2023 15:06:31> FTP Session 195 [Response] 230 Login successful.
<24-10-2023 15:06:32> FTP Session 195 [Command] TYPE I
<24-10-2023 15:06:32> FTP Session 195 [Response] 200 Type set to I
<24-10-2023 15:06:32> FTP Session 195 [Command] PORT
<24-10-2023 15:06:32> FTP Session 195 [Response] 200 PORT command successful.
<24-10-2023 15:06:32> FTP Session 195 [Command] STOR DataStore/DATEN_.XDAT
<24-10-2023 15:06:32> FTP Session 195 /TVFS/local_filesys [Trace] open_file(E:\DataStore/DATEN_.XDAT): fd = 2160, res = 0
<24-10-2023 15:06:32> FTP Session 195 [Response] 150 Starting data transfer.
<24-10-2023 15:06:43> FTP Session 195 [Trace] session::on_socket_event(): source = data, flag = 2, error = 107, state = 6
<24-10-2023 15:06:43> FTP Session 195 [Error] Failed connection for data socket. Reason: ECONNREFUSED - Connection refused by server.
<24-10-2023 15:06:43> FTP Session 195 [Response] 425 Unable to build data connection: ECONNREFUSED - Connection refused by server
<24-10-2023 15:06:43> FTP Session 195 [Trace] session::close_data_connection(): prev data_connection_status = 2
<24-10-2023 15:06:43> FTP Session 195 [Trace] Removed done events: 0
for me it seems that the filezilla server sends the iot device a command for open the data transfer and the iot device can not understand the command.
the same iot devices can send data to the old ftp server
would really appraciate your help.
thank you very much.
kind regards
phillipp
Active FTP - Failed Connection for data Socket
Moderator: Project members
Re: Active FTP - Failed Connection for data Socket
Please update to the most recent version of FileZilla Server, then post an unmodified log from that version.
Re: Active FTP - Failed Connection for data Socket
Updated Server:
Same Problem:
Same Problem:
- FileZillaError.png (28.62 KiB) Viewed 7417 times
Re: Active FTP - Failed Connection for data Socket
another try with debug-log:
please let me know if its helpful to switch to filezilla pro.
i want to use filezilla and hope we can fix this issue.
please let me know if its helpful to switch to filezilla pro.
i want to use filezilla and hope we can fix this issue.
- Attachments
-
- FileZillaError1.png (70.58 KiB) Viewed 7414 times
Re: Active FTP - Failed Connection for data Socket
Please post unmodified logs. If you remove all diagnostic information we cannot help you.
Re: Active FTP - Failed Connection for data Socket
excuse me, im no expert, what do you mean? i make only username, filenames (customerdata ...) and internal ip adresses unreadable? detailed connection process is shown?
- authentification is working
- iot device can reach server, create file and start data transfer
- the problem is that the data_connection is not working
- there is a specific errorcode = 107
Re: Active FTP - Failed Connection for data Socket
Without seeing IP addresses, all I can tell you is to study the Network Configuration guide.
Re: Active FTP - Failed Connection for data Socket
ok, i make a new log/screenshot with ip visible. i only hide username and directory. hope this is ok for you.
for explanation the iot devices use vpn connection, firewall we have checked, no alerts/blocks there.
please note, active ftp over filezilla ftp client on windows is working without problems.
only the iot devices have an issue.
for explanation the iot devices use vpn connection, firewall we have checked, no alerts/blocks there.
please note, active ftp over filezilla ftp client on windows is working without problems.
only the iot devices have an issue.
- Attachments
-
- FileZillaLog.png (74.63 KiB) Viewed 7342 times
Re: Active FTP - Failed Connection for data Socket
Observations:
- Use of plain FTP, that's not secure, traffic might be tampered with by firewalls, NAT routers and VPN software, as well as any number of other malicious software/devices.
- Use of active mode FTP. In general it's recommended to use passive mode FTP, much simpler to configure any involved firewalls and NAT routers.
- Client does appear to know its own IP address, unless traffic has been modified by some firewall, NAT router, VPN software, or any other malicious software/device.
- Is the VPN bi-directional, ie. can the server establish connections to the client? That's how active mode works.
- Client-side firewall?
- Is the traffic being modified by some firewall, NAT router, VPN software, or any other malicious software/device? Use FTP over TLS to rule this out.
- Maybe the used client itself is broken and isn't actually capable of active mode? Try passive mode.
Re: Active FTP - Failed Connection for data Socket
Open questions:
Is the VPN bi-directional, ie. can the server establish connections to the client? That's how active mode works.
Yes
Client-side firewall?
No
Is the traffic being modified by some firewall, NAT router, VPN software, or any other malicious software/device? Use FTP over TLS to rule this out.
no traffic changes by firewall. cant change iot device configuration.
if i use a windows notebook with 3g vpn simcard i can access filezilla server with active ftp and have no problems with data connection.
this problems is only with the iot devices. for me it seems the iot devices are not answering the data connection command of ftp server how he wants it?
Maybe the used client itself is broken and isn't actually capable of active mode? Try passive mode.
Not possible. the iot devices use active ftp for years and its not possible to access them and change the config.
if it would be possible i would do this for sure. prefer passive mode too.
Is the VPN bi-directional, ie. can the server establish connections to the client? That's how active mode works.
Yes
Client-side firewall?
No
Is the traffic being modified by some firewall, NAT router, VPN software, or any other malicious software/device? Use FTP over TLS to rule this out.
no traffic changes by firewall. cant change iot device configuration.
if i use a windows notebook with 3g vpn simcard i can access filezilla server with active ftp and have no problems with data connection.
this problems is only with the iot devices. for me it seems the iot devices are not answering the data connection command of ftp server how he wants it?
Maybe the used client itself is broken and isn't actually capable of active mode? Try passive mode.
Not possible. the iot devices use active ftp for years and its not possible to access them and change the config.
if it would be possible i would do this for sure. prefer passive mode too.
Re: Active FTP - Failed Connection for data Socket
i installed the newest filezilla server to a clone of the old productive server we are using. this is a windows server 2008 R2. on this server everything works fine. i have no problems with the iot devices. the data connection is working.
After a make an inplace upgrade to Windows Server 2012R2 data connection is not working anymore.
if i install a new server with windows server 2019 and newest filezilla server is also not working.
it seems there is a change after windows Server 2008R2 in active ftp communication
i tried also other ftp solution, exact same behavior/situation.
it cant be a firewall/router/ etc. problem.
any ideas?
- Win2008R2.png (25.36 KiB) Viewed 7294 times
if i install a new server with windows server 2019 and newest filezilla server is also not working.
it seems there is a change after windows Server 2008R2 in active ftp communication
i tried also other ftp solution, exact same behavior/situation.
it cant be a firewall/router/ etc. problem.
any ideas?
Re: Active FTP - Failed Connection for data Socket
Are your IoT devices able to transfer files when connected directly to the server, with no VPN involved?
Re: Active FTP - Failed Connection for data Socket
i cant test this, sorry. the have only the possibility to connect them over 3g.
do you think its a vpn problem?
but why the iot devices can send data to the win2008r2 ftp server?
do you think its a vpn problem?
but why the iot devices can send data to the win2008r2 ftp server?
Re: Active FTP - Failed Connection for data Socket
The only bigger change in this regard is Windows Defender, which was not in the old 2008R2, at least not in this format.
No support requests over PM! You will NOT get any reply!!!
FTP connection problems? Please read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
FileZilla Pro support: https://customerforum.fileZilla-project.org
FTP connection problems? Please read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
FileZilla Pro support: https://customerforum.fileZilla-project.org
Re: Active FTP - Failed Connection for data Socket
Another difference might be in the operating systems' TCP/IP stack itself, maybe newer Windows versions send flags, scaling factors, or option headers in the SYN packet the IoT devices don't understand?