| Groups | Blog | Home |
iis ftp : Passive Mode issue
website running. The problem i see is fully related to passive mode FTP, and my firewall configuration. All users inside and outside can connect if they turn off passive FTP from IE or use a ftp client such as winSCP. The server will timeout from all users trying passive mode. I have set the passive port range for IIS and opened those ports in the firewall, with no luck. One special configuration i must note is the wan IP's for the 3 sites are all run from the same NIC. I have opened up all ports to that specific IP for the ftp sites and still fails on pasv mode, and windows firewall turned off as well. The clients return connection timeout when using passive mode. I have seen other posts, with similar symptoms but, non of the suggestions seem to help. I cant put my finger on what i am missing on the config. Someone please help.
what port range you set ? without firewall locally does it works?
and without firewall - remotely on the same LAN, does it works? -- Regards, Bernard Cheah http://www.iis.net/ http://msmvps.com/blogs/bernard/ [quoted text, click to view] "Synapse120" <Synapse120@discussions.microsoft.com> wrote in message news:861E4B30-9D70-4E46-BA0B-4B76159B7BB9@microsoft.com... >I am running Windows 2003 r2 x64 SP2, and IIS 6 with 2 ftp sites and a > website running. The problem i see is fully related to passive mode FTP, > and > my firewall configuration. All users inside and outside can connect if > they > turn off passive FTP from IE or use a ftp client such as winSCP. > > The server will timeout from all users trying passive mode. I have set > the > passive port range for IIS and opened those ports in the firewall, with no > luck. > > One special configuration i must note is the wan IP's for the 3 sites are > all run from the same NIC. > > I have opened up all ports to that specific IP for the ftp sites and still > fails on pasv mode, and windows firewall turned off as well. The clients > return connection timeout when using passive mode. I have seen other > posts, > with similar symptoms but, non of the suggestions seem to help. > > I cant put my finger on what i am missing on the config. Someone please > help. > > thank you,
In IIS i set the passive port range for 5500 - 5550, and opened those ports
in the windows firewall and the network firewall with the same results. The Server is in the DMZ, and the ftp site is bound to a specific public IP. Internally and externally the site only works in active mode, Command line ftp works, telnet connection to force passive results in connection lost by remote host. From the Server it self browsing works in passive and active. The clients recieve FTP operation Timed out. I have the time out set to 400 right now. [quoted text, click to view] "Bernard Cheah [MVP]" wrote:
> what port range you set ? without firewall locally does it works? > and without firewall - remotely on the same LAN, does it works? > > -- > Regards, > Bernard Cheah > http://www.iis.net/ > http://msmvps.com/blogs/bernard/ > > > "Synapse120" <Synapse120@discussions.microsoft.com> wrote in message > news:861E4B30-9D70-4E46-BA0B-4B76159B7BB9@microsoft.com... > >I am running Windows 2003 r2 x64 SP2, and IIS 6 with 2 ftp sites and a > > website running. The problem i see is fully related to passive mode FTP, > > and > > my firewall configuration. All users inside and outside can connect if > > they > > turn off passive FTP from IE or use a ftp client such as winSCP. > > > > The server will timeout from all users trying passive mode. I have set > > the > > passive port range for IIS and opened those ports in the firewall, with no > > luck. > > > > One special configuration i must note is the wan IP's for the 3 sites are > > all run from the same NIC. > > > > I have opened up all ports to that specific IP for the ftp sites and still > > fails on pasv mode, and windows firewall turned off as well. The clients > > return connection timeout when using passive mode. I have seen other > > posts, > > with similar symptoms but, non of the suggestions seem to help. > > > > I cant put my finger on what i am missing on the config. Someone please > > help. > > > > thank you, > >
if you do a quote pasv in ftp.exe. does the calculation falls inside the
range ? -- Regards, Bernard Cheah http://www.iis.net/ http://msmvps.com/blogs/bernard/ [quoted text, click to view] "Synapse120" <Synapse120@discussions.microsoft.com> wrote in message news:FC0D3815-1E41-4633-9C0D-752CCB2639C7@microsoft.com... > In IIS i set the passive port range for 5500 - 5550, and opened those > ports > in the windows firewall and the network firewall with the same results. > The > Server is in the DMZ, and the ftp site is bound to a specific public IP. > Internally and externally the site only works in active mode, Command line > ftp works, telnet connection to force passive results in connection lost > by > remote host. From the Server it self browsing works in passive and > active. > The clients recieve FTP operation Timed out. I have the time out set to > 400 > right now. > > "Bernard Cheah [MVP]" wrote: > >> what port range you set ? without firewall locally does it works? >> and without firewall - remotely on the same LAN, does it works? >> >> -- >> Regards, >> Bernard Cheah >> http://www.iis.net/ >> http://msmvps.com/blogs/bernard/ >> >> >> "Synapse120" <Synapse120@discussions.microsoft.com> wrote in message >> news:861E4B30-9D70-4E46-BA0B-4B76159B7BB9@microsoft.com... >> >I am running Windows 2003 r2 x64 SP2, and IIS 6 with 2 ftp sites and a >> > website running. The problem i see is fully related to passive mode >> > FTP, >> > and >> > my firewall configuration. All users inside and outside can connect if >> > they >> > turn off passive FTP from IE or use a ftp client such as winSCP. >> > >> > The server will timeout from all users trying passive mode. I have set >> > the >> > passive port range for IIS and opened those ports in the firewall, with >> > no >> > luck. >> > >> > One special configuration i must note is the wan IP's for the 3 sites >> > are >> > all run from the same NIC. >> > >> > I have opened up all ports to that specific IP for the ftp sites and >> > still >> > fails on pasv mode, and windows firewall turned off as well. The >> > clients >> > return connection timeout when using passive mode. I have seen other >> > posts, >> > with similar symptoms but, non of the suggestions seem to help. >> > >> > I cant put my finger on what i am missing on the config. Someone >> > please >> > help. >> > >> > thank you, >> >> >>
If i do a quote pasv it passes both internal and externally from the network.
What does that mean? [quoted text, click to view] "Bernard Cheah [MVP]" wrote:
> if you do a quote pasv in ftp.exe. does the calculation falls inside the > range ? > > -- > Regards, > Bernard Cheah > http://www.iis.net/ > http://msmvps.com/blogs/bernard/ > > > "Synapse120" <Synapse120@discussions.microsoft.com> wrote in message > news:FC0D3815-1E41-4633-9C0D-752CCB2639C7@microsoft.com... > > In IIS i set the passive port range for 5500 - 5550, and opened those > > ports > > in the windows firewall and the network firewall with the same results. > > The > > Server is in the DMZ, and the ftp site is bound to a specific public IP. > > Internally and externally the site only works in active mode, Command line > > ftp works, telnet connection to force passive results in connection lost > > by > > remote host. From the Server it self browsing works in passive and > > active. > > The clients recieve FTP operation Timed out. I have the time out set to > > 400 > > right now. > > > > "Bernard Cheah [MVP]" wrote: > > > >> what port range you set ? without firewall locally does it works? > >> and without firewall - remotely on the same LAN, does it works? > >> > >> -- > >> Regards, > >> Bernard Cheah > >> http://www.iis.net/ > >> http://msmvps.com/blogs/bernard/ > >> > >> > >> "Synapse120" <Synapse120@discussions.microsoft.com> wrote in message > >> news:861E4B30-9D70-4E46-BA0B-4B76159B7BB9@microsoft.com... > >> >I am running Windows 2003 r2 x64 SP2, and IIS 6 with 2 ftp sites and a > >> > website running. The problem i see is fully related to passive mode > >> > FTP, > >> > and > >> > my firewall configuration. All users inside and outside can connect if > >> > they > >> > turn off passive FTP from IE or use a ftp client such as winSCP. > >> > > >> > The server will timeout from all users trying passive mode. I have set > >> > the > >> > passive port range for IIS and opened those ports in the firewall, with > >> > no > >> > luck. > >> > > >> > One special configuration i must note is the wan IP's for the 3 sites > >> > are > >> > all run from the same NIC. > >> > > >> > I have opened up all ports to that specific IP for the ftp sites and > >> > still > >> > fails on pasv mode, and windows firewall turned off as well. The > >> > clients > >> > return connection timeout when using passive mode. I have seen other > >> > posts, > >> > with similar symptoms but, non of the suggestions seem to help. > >> > > >> > I cant put my finger on what i am missing on the config. Someone > >> > please > >> > help. > >> > > >> > thank you, > >> > >> > >> > >
I just like to see if the port in use is actually within the port range you
specify p1 x 256 + p2 = ?? is it within 5500 - 5550. if you disable windows firewall does it works ? -- Regards, Bernard Cheah http://www.iis.net/ http://msmvps.com/blogs/bernard/ [quoted text, click to view] "Synapse120" <Synapse120@discussions.microsoft.com> wrote in message news:821434E6-5411-4784-BC58-8E6C2AC8D081@microsoft.com... > If i do a quote pasv it passes both internal and externally from the > network. > What does that mean? > > "Bernard Cheah [MVP]" wrote: > >> if you do a quote pasv in ftp.exe. does the calculation falls inside the >> range ? >> >> -- >> Regards, >> Bernard Cheah >> http://www.iis.net/ >> http://msmvps.com/blogs/bernard/ >> >> >> "Synapse120" <Synapse120@discussions.microsoft.com> wrote in message >> news:FC0D3815-1E41-4633-9C0D-752CCB2639C7@microsoft.com... >> > In IIS i set the passive port range for 5500 - 5550, and opened those >> > ports >> > in the windows firewall and the network firewall with the same results. >> > The >> > Server is in the DMZ, and the ftp site is bound to a specific public >> > IP. >> > Internally and externally the site only works in active mode, Command >> > line >> > ftp works, telnet connection to force passive results in connection >> > lost >> > by >> > remote host. From the Server it self browsing works in passive and >> > active. >> > The clients recieve FTP operation Timed out. I have the time out set >> > to >> > 400 >> > right now. >> > >> > "Bernard Cheah [MVP]" wrote: >> > >> >> what port range you set ? without firewall locally does it works? >> >> and without firewall - remotely on the same LAN, does it works? >> >> >> >> -- >> >> Regards, >> >> Bernard Cheah >> >> http://www.iis.net/ >> >> http://msmvps.com/blogs/bernard/ >> >> >> >> >> >> "Synapse120" <Synapse120@discussions.microsoft.com> wrote in message >> >> news:861E4B30-9D70-4E46-BA0B-4B76159B7BB9@microsoft.com... >> >> >I am running Windows 2003 r2 x64 SP2, and IIS 6 with 2 ftp sites and >> >> >a >> >> > website running. The problem i see is fully related to passive mode >> >> > FTP, >> >> > and >> >> > my firewall configuration. All users inside and outside can connect >> >> > if >> >> > they >> >> > turn off passive FTP from IE or use a ftp client such as winSCP. >> >> > >> >> > The server will timeout from all users trying passive mode. I have >> >> > set >> >> > the >> >> > passive port range for IIS and opened those ports in the firewall, >> >> > with >> >> > no >> >> > luck. >> >> > >> >> > One special configuration i must note is the wan IP's for the 3 >> >> > sites >> >> > are >> >> > all run from the same NIC. >> >> > >> >> > I have opened up all ports to that specific IP for the ftp sites and >> >> > still >> >> > fails on pasv mode, and windows firewall turned off as well. The >> >> > clients >> >> > return connection timeout when using passive mode. I have seen >> >> > other >> >> > posts, >> >> > with similar symptoms but, non of the suggestions seem to help. >> >> > >> >> > I cant put my finger on what i am missing on the config. Someone >> >> > please >> >> > help. >> >> > >> >> > thank you, >> >> >> >> >> >> >> >> >>
It falls within the specified port range, even with windows firewall disabled
it fails. I have that port range specified for that IP in the Sonicwall. In my sonicwall i also have port 20 and 21 opened also. [quoted text, click to view] "Bernard Cheah [MVP]" wrote:
> I just like to see if the port in use is actually within the port range you > specify > p1 x 256 + p2 = ?? is it within 5500 - 5550. > > if you disable windows firewall does it works ? > > -- > Regards, > Bernard Cheah > http://www.iis.net/ > http://msmvps.com/blogs/bernard/ > > > "Synapse120" <Synapse120@discussions.microsoft.com> wrote in message > news:821434E6-5411-4784-BC58-8E6C2AC8D081@microsoft.com... > > If i do a quote pasv it passes both internal and externally from the > > network. > > What does that mean? > > > > "Bernard Cheah [MVP]" wrote: > > > >> if you do a quote pasv in ftp.exe. does the calculation falls inside the > >> range ? > >> > >> -- > >> Regards, > >> Bernard Cheah > >> http://www.iis.net/ > >> http://msmvps.com/blogs/bernard/ > >> > >> > >> "Synapse120" <Synapse120@discussions.microsoft.com> wrote in message > >> news:FC0D3815-1E41-4633-9C0D-752CCB2639C7@microsoft.com... > >> > In IIS i set the passive port range for 5500 - 5550, and opened those > >> > ports > >> > in the windows firewall and the network firewall with the same results. > >> > The > >> > Server is in the DMZ, and the ftp site is bound to a specific public > >> > IP. > >> > Internally and externally the site only works in active mode, Command > >> > line > >> > ftp works, telnet connection to force passive results in connection > >> > lost > >> > by > >> > remote host. From the Server it self browsing works in passive and > >> > active. > >> > The clients recieve FTP operation Timed out. I have the time out set > >> > to > >> > 400 > >> > right now. > >> > > >> > "Bernard Cheah [MVP]" wrote: > >> > > >> >> what port range you set ? without firewall locally does it works? > >> >> and without firewall - remotely on the same LAN, does it works? > >> >> > >> >> -- > >> >> Regards, > >> >> Bernard Cheah > >> >> http://www.iis.net/ > >> >> http://msmvps.com/blogs/bernard/ > >> >> > >> >> > >> >> "Synapse120" <Synapse120@discussions.microsoft.com> wrote in message > >> >> news:861E4B30-9D70-4E46-BA0B-4B76159B7BB9@microsoft.com... > >> >> >I am running Windows 2003 r2 x64 SP2, and IIS 6 with 2 ftp sites and > >> >> >a > >> >> > website running. The problem i see is fully related to passive mode > >> >> > FTP, > >> >> > and > >> >> > my firewall configuration. All users inside and outside can connect > >> >> > if > >> >> > they > >> >> > turn off passive FTP from IE or use a ftp client such as winSCP. > >> >> > > >> >> > The server will timeout from all users trying passive mode. I have > >> >> > set > >> >> > the > >> >> > passive port range for IIS and opened those ports in the firewall, > >> >> > with > >> >> > no > >> >> > luck. > >> >> > > >> >> > One special configuration i must note is the wan IP's for the 3 > >> >> > sites > >> >> > are > >> >> > all run from the same NIC. > >> >> > > >> >> > I have opened up all ports to that specific IP for the ftp sites and > >> >> > still > >> >> > fails on pasv mode, and windows firewall turned off as well. The > >> >> > clients > >> >> > return connection timeout when using passive mode. I have seen > >> >> > other > >> >> > posts, > >> >> > with similar symptoms but, non of the suggestions seem to help. > >> >> > > >> >> > I cant put my finger on what i am missing on the config. Someone > >> >> > please > >> >> > help. > >> >> > > >> >> > thank you, > >> >> > >> >> > >> >> > >> > >> > >> > >
Mm.. with firewall disabled, internal client works?
-- Regards, Bernard Cheah http://www.iis.net/ http://msmvps.com/blogs/bernard/ [quoted text, click to view] "Synapse120" <Synapse120@discussions.microsoft.com> wrote in message news:BC617D56-C579-4271-B4D7-2D1C2F663E93@microsoft.com... > It falls within the specified port range, even with windows firewall > disabled > it fails. I have that port range specified for that IP in the Sonicwall. > In > my sonicwall i also have port 20 and 21 opened also. > > "Bernard Cheah [MVP]" wrote: > >> I just like to see if the port in use is actually within the port range >> you >> specify >> p1 x 256 + p2 = ?? is it within 5500 - 5550. >> >> if you disable windows firewall does it works ? >> >> -- >> Regards, >> Bernard Cheah >> http://www.iis.net/ >> http://msmvps.com/blogs/bernard/ >> >> >> "Synapse120" <Synapse120@discussions.microsoft.com> wrote in message >> news:821434E6-5411-4784-BC58-8E6C2AC8D081@microsoft.com... >> > If i do a quote pasv it passes both internal and externally from the >> > network. >> > What does that mean? >> > >> > "Bernard Cheah [MVP]" wrote: >> > >> >> if you do a quote pasv in ftp.exe. does the calculation falls inside >> >> the >> >> range ? >> >> >> >> -- >> >> Regards, >> >> Bernard Cheah >> >> http://www.iis.net/ >> >> http://msmvps.com/blogs/bernard/ >> >> >> >> >> >> "Synapse120" <Synapse120@discussions.microsoft.com> wrote in message >> >> news:FC0D3815-1E41-4633-9C0D-752CCB2639C7@microsoft.com... >> >> > In IIS i set the passive port range for 5500 - 5550, and opened >> >> > those >> >> > ports >> >> > in the windows firewall and the network firewall with the same >> >> > results. >> >> > The >> >> > Server is in the DMZ, and the ftp site is bound to a specific public >> >> > IP. >> >> > Internally and externally the site only works in active mode, >> >> > Command >> >> > line >> >> > ftp works, telnet connection to force passive results in connection >> >> > lost >> >> > by >> >> > remote host. From the Server it self browsing works in passive and >> >> > active. >> >> > The clients recieve FTP operation Timed out. I have the time out >> >> > set >> >> > to >> >> > 400 >> >> > right now. >> >> > >> >> > "Bernard Cheah [MVP]" wrote: >> >> > >> >> >> what port range you set ? without firewall locally does it works? >> >> >> and without firewall - remotely on the same LAN, does it works? >> >> >> >> >> >> -- >> >> >> Regards, >> >> >> Bernard Cheah >> >> >> http://www.iis.net/ >> >> >> http://msmvps.com/blogs/bernard/ >> >> >> >> >> >> >> >> >> "Synapse120" <Synapse120@discussions.microsoft.com> wrote in >> >> >> message >> >> >> news:861E4B30-9D70-4E46-BA0B-4B76159B7BB9@microsoft.com... >> >> >> >I am running Windows 2003 r2 x64 SP2, and IIS 6 with 2 ftp sites >> >> >> >and >> >> >> >a >> >> >> > website running. The problem i see is fully related to passive >> >> >> > mode >> >> >> > FTP, >> >> >> > and >> >> >> > my firewall configuration. All users inside and outside can >> >> >> > connect >> >> >> > if >> >> >> > they >> >> >> > turn off passive FTP from IE or use a ftp client such as winSCP. >> >> >> > >> >> >> > The server will timeout from all users trying passive mode. I >> >> >> > have >> >> >> > set >> >> >> > the >> >> >> > passive port range for IIS and opened those ports in the >> >> >> > firewall, >> >> >> > with >> >> >> > no >> >> >> > luck. >> >> >> > >> >> >> > One special configuration i must note is the wan IP's for the 3 >> >> >> > sites >> >> >> > are >> >> >> > all run from the same NIC. >> >> >> > >> >> >> > I have opened up all ports to that specific IP for the ftp sites >> >> >> > and >> >> >> > still >> >> >> > fails on pasv mode, and windows firewall turned off as well. The >> >> >> > clients >> >> >> > return connection timeout when using passive mode. I have seen >> >> >> > other >> >> >> > posts, >> >> >> > with similar symptoms but, non of the suggestions seem to help. >> >> >> > >> >> >> > I cant put my finger on what i am missing on the config. Someone >> >> >> > please >> >> >> > help. >> >> >> > >> >> >> > thank you, >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >>
I bound the Ftp site to the internal IP, and disabled the firewall and it
worked, as i expected it to. For my internal IP, i never configured the windows firewall for ftp, so it does fail with the firewall enabled, this is a dual NIC server. Normally the FTP site is bound to the public IP, so even internal users browse to the external address. I will do more tests on the firewall ports, but i think i have all those correct. [quoted text, click to view] "Bernard Cheah [MVP]" wrote:
> Mm.. with firewall disabled, internal client works? > > > -- > Regards, > Bernard Cheah > http://www.iis.net/ > http://msmvps.com/blogs/bernard/ > > > "Synapse120" <Synapse120@discussions.microsoft.com> wrote in message > news:BC617D56-C579-4271-B4D7-2D1C2F663E93@microsoft.com... > > It falls within the specified port range, even with windows firewall > > disabled > > it fails. I have that port range specified for that IP in the Sonicwall. > > In > > my sonicwall i also have port 20 and 21 opened also. > > > > "Bernard Cheah [MVP]" wrote: > > > >> I just like to see if the port in use is actually within the port range > >> you > >> specify > >> p1 x 256 + p2 = ?? is it within 5500 - 5550. > >> > >> if you disable windows firewall does it works ? > >> > >> -- > >> Regards, > >> Bernard Cheah > >> http://www.iis.net/ > >> http://msmvps.com/blogs/bernard/ > >> > >> > >> "Synapse120" <Synapse120@discussions.microsoft.com> wrote in message > >> news:821434E6-5411-4784-BC58-8E6C2AC8D081@microsoft.com... > >> > If i do a quote pasv it passes both internal and externally from the > >> > network. > >> > What does that mean? > >> > > >> > "Bernard Cheah [MVP]" wrote: > >> > > >> >> if you do a quote pasv in ftp.exe. does the calculation falls inside > >> >> the > >> >> range ? > >> >> > >> >> -- > >> >> Regards, > >> >> Bernard Cheah > >> >> http://www.iis.net/ > >> >> http://msmvps.com/blogs/bernard/ > >> >> > >> >> > >> >> "Synapse120" <Synapse120@discussions.microsoft.com> wrote in message > >> >> news:FC0D3815-1E41-4633-9C0D-752CCB2639C7@microsoft.com... > >> >> > In IIS i set the passive port range for 5500 - 5550, and opened > >> >> > those > >> >> > ports > >> >> > in the windows firewall and the network firewall with the same > >> >> > results. > >> >> > The > >> >> > Server is in the DMZ, and the ftp site is bound to a specific public > >> >> > IP. > >> >> > Internally and externally the site only works in active mode, > >> >> > Command > >> >> > line > >> >> > ftp works, telnet connection to force passive results in connection > >> >> > lost > >> >> > by > >> >> > remote host. From the Server it self browsing works in passive and > >> >> > active. > >> >> > The clients recieve FTP operation Timed out. I have the time out > >> >> > set > >> >> > to > >> >> > 400 > >> >> > right now. > >> >> > > >> >> > "Bernard Cheah [MVP]" wrote: > >> >> > > >> >> >> what port range you set ? without firewall locally does it works? > >> >> >> and without firewall - remotely on the same LAN, does it works? > >> >> >> > >> >> >> -- > >> >> >> Regards, > >> >> >> Bernard Cheah > >> >> >> http://www.iis.net/ > >> >> >> http://msmvps.com/blogs/bernard/ > >> >> >> > >> >> >> > >> >> >> "Synapse120" <Synapse120@discussions.microsoft.com> wrote in > >> >> >> message > >> >> >> news:861E4B30-9D70-4E46-BA0B-4B76159B7BB9@microsoft.com... > >> >> >> >I am running Windows 2003 r2 x64 SP2, and IIS 6 with 2 ftp sites > >> >> >> >and > >> >> >> >a > >> >> >> > website running. The problem i see is fully related to passive > >> >> >> > mode > >> >> >> > FTP, > >> >> >> > and > >> >> >> > my firewall configuration. All users inside and outside can > >> >> >> > connect > >> >> >> > if > >> >> >> > they > >> >> >> > turn off passive FTP from IE or use a ftp client such as winSCP. > >> >> >> > > >> >> >> > The server will timeout from all users trying passive mode. I > >> >> >> > have > >> >> >> > set > >> >> >> > the > >> >> >> > passive port range for IIS and opened those ports in the > >> >> >> > firewall, > >> >> >> > with > >> >> >> > no > >> >> >> > luck. > >> >> >> > > >> >> >> > One special configuration i must note is the wan IP's for the 3 > >> >> >> > sites > >> >> >> > are > >> >> >> > all run from the same NIC. > >> >> >> > > >> >> >> > I have opened up all ports to that specific IP for the ftp sites > >> >> >> > and > >> >> >> > still > >> >> >> > fails on pasv mode, and windows firewall turned off as well. The > >> >> >> > clients > >> >> >> > return connection timeout when using passive mode. I have seen > >> >> >> > other > >> >> >> > posts, > >> >> >> > with similar symptoms but, non of the suggestions seem to help. > >> >> >> > > >> >> >> > I cant put my finger on what i am missing on the config. Someone > >> >> >> > please > >> >> >> > help. > >> >> >> > > >> >> >> > thank you, > >> >> >> > >> >> >> > >> >> >> > >> >> > >> >> > >> >> > >> > >> > >> > >
Then it could be NAT'ing issue between public and internal IP.
I have no further info on that, sorry. -- Regards, Bernard Cheah http://www.iis.net/ http://msmvps.com/blogs/bernard/ [quoted text, click to view] "Synapse120" <Synapse120@discussions.microsoft.com> wrote in message news:BE184DF6-2594-4A3A-855A-664EF8E4098B@microsoft.com... >I bound the Ftp site to the internal IP, and disabled the firewall and it > worked, as i expected it to. For my internal IP, i never configured the > windows firewall for ftp, so it does fail with the firewall enabled, this > is > a dual NIC server. Normally the FTP site is bound to the public IP, so > even > internal users browse to the external address. I will do more tests on > the > firewall ports, but i think i have all those correct. > > "Bernard Cheah [MVP]" wrote: > >> Mm.. with firewall disabled, internal client works? >> >> >> -- >> Regards, >> Bernard Cheah >> http://www.iis.net/ >> http://msmvps.com/blogs/bernard/ >> >> >> "Synapse120" <Synapse120@discussions.microsoft.com> wrote in message >> news:BC617D56-C579-4271-B4D7-2D1C2F663E93@microsoft.com... >> > It falls within the specified port range, even with windows firewall >> > disabled >> > it fails. I have that port range specified for that IP in the >> > Sonicwall. >> > In >> > my sonicwall i also have port 20 and 21 opened also. >> > >> > "Bernard Cheah [MVP]" wrote: >> > >> >> I just like to see if the port in use is actually within the port >> >> range >> >> you >> >> specify >> >> p1 x 256 + p2 = ?? is it within 5500 - 5550. >> >> >> >> if you disable windows firewall does it works ? >> >> >> >> -- >> >> Regards, >> >> Bernard Cheah >> >> http://www.iis.net/ >> >> http://msmvps.com/blogs/bernard/ >> >> >> >> >> >> "Synapse120" <Synapse120@discussions.microsoft.com> wrote in message >> >> news:821434E6-5411-4784-BC58-8E6C2AC8D081@microsoft.com... >> >> > If i do a quote pasv it passes both internal and externally from the >> >> > network. >> >> > What does that mean? >> >> > >> >> > "Bernard Cheah [MVP]" wrote: >> >> > >> >> >> if you do a quote pasv in ftp.exe. does the calculation falls >> >> >> inside >> >> >> the >> >> >> range ? >> >> >> >> >> >> -- >> >> >> Regards, >> >> >> Bernard Cheah >> >> >> http://www.iis.net/ >> >> >> http://msmvps.com/blogs/bernard/ >> >> >> >> >> >> >> >> >> "Synapse120" <Synapse120@discussions.microsoft.com> wrote in >> >> >> message >> >> >> news:FC0D3815-1E41-4633-9C0D-752CCB2639C7@microsoft.com... >> >> >> > In IIS i set the passive port range for 5500 - 5550, and opened >> >> >> > those >> >> >> > ports >> >> >> > in the windows firewall and the network firewall with the same >> >> >> > results. >> >> >> > The >> >> >> > Server is in the DMZ, and the ftp site is bound to a specific >> >> >> > public >> >> >> > IP. >> >> >> > Internally and externally the site only works in active mode, >> >> >> > Command >> >> >> > line >> >> >> > ftp works, telnet connection to force passive results in >> >> >> > connection >> >> >> > lost >> >> >> > by >> >> >> > remote host. From the Server it self browsing works in passive >> >> >> > and >> >> >> > active. >> >> >> > The clients recieve FTP operation Timed out. I have the time out >> >> >> > set >> >> >> > to >> >> >> > 400 >> >> >> > right now. >> >> >> > >> >> >> > "Bernard Cheah [MVP]" wrote: >> >> >> > >> >> >> >> what port range you set ? without firewall locally does it >> >> >> >> works? >> >> >> >> and without firewall - remotely on the same LAN, does it works? >> >> >> >> >> >> >> >> -- >> >> >> >> Regards, >> >> >> >> Bernard Cheah >> >> >> >> http://www.iis.net/ >> >> >> >> http://msmvps.com/blogs/bernard/ >> >> >> >> >> >> >> >> >> >> >> >> "Synapse120" <Synapse120@discussions.microsoft.com> wrote in >> >> >> >> message >> >> >> >> news:861E4B30-9D70-4E46-BA0B-4B76159B7BB9@microsoft.com... >> >> >> >> >I am running Windows 2003 r2 x64 SP2, and IIS 6 with 2 ftp >> >> >> >> >sites >> >> >> >> >and >> >> >> >> >a >> >> >> >> > website running. The problem i see is fully related to >> >> >> >> > passive >> >> >> >> > mode >> >> >> >> > FTP, >> >> >> >> > and >> >> >> >> > my firewall configuration. All users inside and outside can >> >> >> >> > connect >> >> >> >> > if >> >> >> >> > they >> >> >> >> > turn off passive FTP from IE or use a ftp client such as >> >> >> >> > winSCP. >> >> >> >> > >> >> >> >> > The server will timeout from all users trying passive mode. I >> >> >> >> > have >> >> >> >> > set >> >> >> >> > the >> >> >> >> > passive port range for IIS and opened those ports in the >> >> >> >> > firewall, >> >> >> >> > with >> >> >> >> > no >> >> >> >> > luck. >> >> >> >> > >> >> >> >> > One special configuration i must note is the wan IP's for the >> >> >> >> > 3 >> >> >> >> > sites >> >> >> >> > are >> >> >> >> > all run from the same NIC. >> >> >> >> > >> >> >> >> > I have opened up all ports to that specific IP for the ftp >> >> >> >> > sites >> >> >> >> > and >> >> >> >> > still >> >> >> >> > fails on pasv mode, and windows firewall turned off as well. >> >> >> >> > The >> >> >> >> > clients >> >> >> >> > return connection timeout when using passive mode. I have >> >> >> >> > seen >> >> >> >> > other >> >> >> >> > posts, >> >> >> >> > with similar symptoms but, non of the suggestions seem to >> >> >> >> > help. >> >> >> >> > >> >> >> >> > I cant put my finger on what i am missing on the config. >> >> >> >> > Someone >> >> >> >> > please >> >> >> >> > help. >> >> >> >> > >> >> >> >> > thank you, >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >>
Don't see what you're looking for? Try a search.
|
June 2004
July 2004
August 2004
September 2004
October 2004
November 2004
December 2004
January 2005
February 2005
March 2005
April 2005
May 2005
June 2005
July 2005
August 2005
September 2005
October 2005
November 2005
December 2005
January 2006
February 2006
March 2006
April 2006
May 2006
June 2006
July 2006
August 2006
September 2006
October 2006
November 2006
December 2006
January 2007
February 2007
March 2007
April 2007
May 2007
June 2007
July 2007
August 2007
September 2007
October 2007
November 2007
December 2007
January 2008
February 2008
March 2008
April 2008
May 2008
June 2008
| home · blog · groups | Questions? Comments? Contact the dn |