"Dan Getz, Jr." <DanGetzJr@discussions.microsoft.com> wrote in message
news:D312799E-6ED0-4AD1-BF5B-FA9780842B66@microsoft.com...
> From what I've read / can tell, it sounds like it could be a firewall
> issue
> with Routing and Remote Access not sending the PASV command, but I'm not
> sure. Any and all help is appreciated.
>
> "Dan Getz, Jr." wrote:
>
>> Our public server (server1) is a Windows 2003 SBS server running IIS (but
>> not
>> FTP) and the firewall/NAT in Routing and Remote Access. We've got a
>> private
>> file server (server2) on the same domain running Windows 2003 server with
>> IIS
>> (including FTP). We want to allow our outside workers to FTP files to a
>> section of the file server. Now, this was working at one point, I
>> believe,
>> and it was probably a windows update that got installed that messed this
>> up,
>> but I'm not sure.
>>
>> From the local network or over VPN I can FTP to the private server using
>> server2.domain.com which gets mapped to a private IP address. I can log
>> in
>> and list the files (dir).
>>
>> From outside of the network, I can FTP to the private server using
>> server1.domain.com which gets mapped to the public IP address and
>> forwarded
>> to the private address of server2. I can log in, but I can't send it any
>> commands such as dir. If I try using dir it won't list the files so I
>> ctrl +
>> c to stop it and I get the following:
>>
>> ftp> dir
>> 200 PORT command successful.
>> 150 Opening ASCII mode data connection for /bin/ls.
>> Aborting any active data connections...
>> 425 Can't open data connection.
>>
>> From what I've read, I assumed it was a firewall setting (I'm logging in
>> as
>> a domain admin for testing), but that seems to be set correctly.
>>
>> On server1 I have the following ports forwarding to server2: 20, 21,
>> 5500,
>> 5501, 5502, 5503, 5504, 5505
>>
>> On server2 I have the following ports open: 20, 21, 5500, 5501, 5502,
>> 5503,
>> 5504, 5505
>>
>> On server2, I have PassivePortRange="5500-5505"
>>
>> Any ideas? I would love to have them just VPN in and put the files in
>> the
>> directory but one doesn't need that much access and the other has VPN
>> blocked
>> where he's working from.

"Dan Getz, Jr." <DanGetzJr@discussions.microsoft.com> wrote in message
news:9FF3FEF0-FD38-4DC3-A962-E2F59706058F@microsoft.com...
> thanks for responding. I was the only one (or at most one of three) that
> would have been using FTP at that time. Turns out that it did work, but
> just
> had to have long timeouts. We just got a T1 line and my coworker said
> that
> it has been working much faster now.
>
> Thanks.
>
> "Bernard Cheah [MVP]" wrote:
>
>> Could be. Now, you only have 5 available ports in the port range. try to
>> increase it...
>> you will get the same error if it runs out of port.
>>
>> --
>> Regards,
>> Bernard Cheah
>> http://www.iis-resources.com/
>> http://www.iiswebcastseries.com/
>> http://www.msmvps.com/blogs/bernard/
>>
>>
>> "Dan Getz, Jr." <DanGetzJr@discussions.microsoft.com> wrote in message
>> news:D312799E-6ED0-4AD1-BF5B-FA9780842B66@microsoft.com...
>> > From what I've read / can tell, it sounds like it could be a firewall
>> > issue
>> > with Routing and Remote Access not sending the PASV command, but I'm
>> > not
>> > sure. Any and all help is appreciated.
>> >
>> > "Dan Getz, Jr." wrote:
>> >
>> >> Our public server (server1) is a Windows 2003 SBS server running IIS
>> >> (but
>> >> not
>> >> FTP) and the firewall/NAT in Routing and Remote Access. We've got a
>> >> private
>> >> file server (server2) on the same domain running Windows 2003 server
>> >> with
>> >> IIS
>> >> (including FTP). We want to allow our outside workers to FTP files to
>> >> a
>> >> section of the file server. Now, this was working at one point, I
>> >> believe,
>> >> and it was probably a windows update that got installed that messed
>> >> this
>> >> up,
>> >> but I'm not sure.
>> >>
>> >> From the local network or over VPN I can FTP to the private server
>> >> using
>> >> server2.domain.com which gets mapped to a private IP address. I can
>> >> log
>> >> in
>> >> and list the files (dir).
>> >>
>> >> From outside of the network, I can FTP to the private server using
>> >> server1.domain.com which gets mapped to the public IP address and
>> >> forwarded
>> >> to the private address of server2. I can log in, but I can't send it
>> >> any
>> >> commands such as dir. If I try using dir it won't list the files so I
>> >> ctrl +
>> >> c to stop it and I get the following:
>> >>
>> >> ftp> dir
>> >> 200 PORT command successful.
>> >> 150 Opening ASCII mode data connection for /bin/ls.
>> >> Aborting any active data connections...
>> >> 425 Can't open data connection.
>> >>
>> >> From what I've read, I assumed it was a firewall setting (I'm logging
>> >> in
>> >> as
>> >> a domain admin for testing), but that seems to be set correctly.
>> >>
>> >> On server1 I have the following ports forwarding to server2: 20, 21,
>> >> 5500,
>> >> 5501, 5502, 5503, 5504, 5505
>> >>
>> >> On server2 I have the following ports open: 20, 21, 5500, 5501, 5502,
>> >> 5503,
>> >> 5504, 5505
>> >>
>> >> On server2, I have PassivePortRange="5500-5505"
>> >>
>> >> Any ideas? I would love to have them just VPN in and put the files in
>> >> the
>> >> directory but one doesn't need that much access and the other has VPN
>> >> blocked
>> >> where he's working from.
>>
>>
>>