NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] Bizarre ftp problems



The clients are all sun machines using command line ftp. They successfully
login, but any command after that and they get the 421 error -- including
the attempt to use pasv.

Non-passive:

> 220 merlin FTP server (SunOS 4.1) ready.
> Name (ftp.openbsd.org:root): ftp
> 331 Guest login ok, send your email address as password.
> Password:
> 230- Guest login ok, access restrictions apply.
> 230- Local time is: Tue Sep 12 12:37:26 2000
> 230
> ftp> dir
> 421 Service not available, remote server has closed connection
> ftp>

Passive attempt:

220 merlin FTP server (SunOS 4.1) ready.
Name (ftp.openbsd.org:root): ftp
331 Guest login ok, send your email address as password.
Password:
230- Guest login ok, access restrictions apply.
230- Local time is: Tue Sep 12 12:38:18 2000
230
ftp> quot pasv
227 Entering Passive Mode (129,128,5,191,164,36)
ftp> dir
421 Service not available, remote server has closed connection
ftp>

I have tried the #FTPPORT solution to remove the newline requirement, and I
have also done the commenting out of #FTP_NL_ENFORCE.

The same behaviour is exhibited by people trying to ftp into a server behind
our firewall. Looks OK, but any command attempt gives the 421 error.

Any other suggestions? I am getting an intense amount of pressure now from
people around here.

Mike

Hal Dorsman wrote:

> By "pasv mode or not", do you mean you are changing
> the option on the firewall, or in the client.  I have
> seen the same thing and tt is a client issue.  Go into
> your client setup and enable PASV mode.  This should
> fix it for you.  Some clients have pasv enabled by
> default (I think MS, and Solaris command line worked),
> but WSFTP did not, just as you described.  Enabling
> pasv in the options fixed it.
>
> Hal
>
> Hal Dorsman
> Data Network Engineer
> Blackfoot Telephone Cooperative
> Missoula, Montana, USA
> [email protected]
>>
> -----Original Message-----
> From: Mike Hoffos [mailto:[email protected]]
> Sent: Tuesday, September 12, 2000 11:46 AM
> To: [email protected]
> Subject: [FW1] Bizarre ftp problems
>
> I am having an urgent problem, and need any advice I can get.
>
> The firewall is 4.1SP2 on Solaris 7.
>
> Clients behind the firewall cannot successfully ftp out to anywhere,
> pasv mode or not. All that is returned by any server I try is 421
> Service not available (after they successfully login).
>
> Even more strange (to me, but perhaps they are related) is that ftp's
> into allowed servers behind the firewall give external clients the exact
> behaviour. Machines in front of the firewall can successfully ftp out
> (but not to NATd machines behind the firewall, then they get the 421
> error as mentioned above).
>
> As anyone seen this before? Is there a resolution?
>
> Thanks,
> Mike Hoffos
> Technical Architect
> Infocast Corporation
begin:vcard 
n:Hoffos;Mike
tel;cell:tel;fax:tel;work:x-mozilla-html:TRUE
org:Infocast/HomeBase;Architecture and Development
adr:;;Suite 1220, 855 2nd Street SW;Calgary;Alberta;T2P 4J7;Canada
version:2.1
email;internet:[email protected]
title:Senior Technical Architect
x-mozilla-cpt:;0
fn:Mike Hoffos
end:vcard


 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents � 2003 Network Presence, LLC. All rights reserved.