FTP failure

UNIX for Advanced & Expert Users
1

Hi,

We have a external vendor (outside firewall), who used to connect our ftp server till 2 days back. I am not able to figure out, what was changed. Now he is not able to login. When I login to ftp server (from inside firewall), I am able to connect with credentials. When that vendor login to it, it come out with below messages :-

Status:                   Resolving address of ftps.xxxxxx.com
Status:                   Connecting to 65.221.21.24:21...
Status:                   Connection established, waiting for welcome message...
Status:                   Initializing TLS...
Status:                   Verifying certificate...
Status:                   TLS connection established.
Status:                   Server does not support non-ASCII characters.
Status:                   Connected
Status:                   Retrieving directory listing...
Command:              PWD
Response:               257 "/" is your current location
Command:              TYPE I
Response:               200 TYPE is now 8-bit binary
Command:              PASV
Response:               227 Entering Passive Mode (65,221,21,24,195,184)
Command:              MLSD
Error:                    The data connection could not be established: ECONNREFUSED - Connection refused by server
Error:                    Connection timed out after 20 seconds of inactivity
Error:                    Failed to retrieve directory listing

Any pointers or hint, where can I check more ?

2

Do you have to use PASV?

3

I am not sure. I will check with him, if they can go without PASV. But they have been using it since past more than a year same way.
Can this be an issue ?

4

The problem appears to be on the remote side. Some firewalls have to be set to allow passive versus passive. Passive requires an open port, above 1023 and it will ask for any valid port number. This can be a problem on the server side. When port blocking is active. Since you had an active session going until PASV was issued I am guessing the problem starts there.

This is more than I can post here so have a read:
Active FTP vs. Passive FTP, a Definitive Explanation

2 Likes
5

I will check tomorrow with non passive mode and try to debug, where it breaks.