FTP client Default Data Connection Ports

I'm developing a simple FTP client from the socket level. The only documents I am referring are J2SDK API and RFC 959. For the control connection I am ok, but for the data connection is not. According to the RFC 959 : "The user-process default data port is the same as the control connection port". The control connection port is used by my FTP command connection while connected to the FTP server, so how can I "listen" to the same port before I send the "RETR" command to the server ?
Pls give me a hint , Thanks
Samuel

The way I read it is that the client opens the control connection by connecting to the server control port (usually 21) from a random port. The client also listens on its own port 21. The server will eventually establish a connection from a random port to the client port 21. I may be wrong though. The best way, IMHO, to proceed, is to use a network monitor such as TCPDUMP or WINDUMP and see what other FTP clients/servers do. I also know for a fact that there are open source FTP clients and servers, even in Java.

Similar Messages

  • Ftps client and other connect to server questions

    Does anyone know if OS X has a built-in ftps (not sftp) client? Also, is there a list of supported protocols for "connect to server"? Thanks!

    apparently there is via the application Terminal...but I have no idea how to work it!

  • How do you configure the set of port to use for FTP passive data connection

    I was able to start the ftp server xml db and connect to it locally. When I tried to connect to it from home, I was able to log in but when i do a "get" command the sessions hangs. I also tried passive mode and do a "get" command and it gives me a connection refused error. I am using the default port 2100. I think this might be a firewall issue with the data connection port. I am not sure which range of ports to open for the passive ftp connection on the server side or where to go and set them for for the ftp server to use? Or this issue might not be firewall related??? Any thoughts. Thanks.

    This is a typical problem with VPN/Firewall software and FTP on ports other than 21.
    When you open the FTP data connection the FTP Server identifies which port the data will be sent on using the PORT command which is sent on the command port (typically 21 with a normal FTP server, 2100 by default with XDB). THe client then opens that PORT to accept the data (file, output of an ls etc).
    As I understand it most VPN/Firewall are configured to monitor 21 for 'PORT' requests. They then understand to allow connection on the PORT number passed on the command PORT. Hence with Port 21 firewall / VPN software is not a problem. However since the XDB command PORT is something other than 21 they do not see / honour the PORT commands from the server and hence the client cannot open the data connection on the specified PORT
    As to how to solve it, I wish I knew (After 5 years I still can't use XDB FTP from home to a machine in the office once the VPN tunnel is open :( ). I'm sure it's going to be firewall / VPN software specific and may need the VPN servers to be configured.
    The best bet would be to run the FTP server on 21...
    Add the following line to your listener.ora file
    (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP) (HOST = hostname) (PORT = 21))
    (PROTOCOL_STACK = (PRESENTATION = FTP) (SESSION = RAW)))
    and then restart the listener as root
    Start the listener as root.
    At the operating system prompt, enter tnslsnr with optional command line arguments. The usage is as follows:
    tnslsnr [listener_name] [-user user] [-group group]
    where:
    Table 4-3 tnslsnr Utility Options
    Option Description
    listener_name
    Specify the name of the listener. If omitted, the default name LISTENER will be used.
    -user user
    Specify the user whose privileges the listener will use when super user (root) privileges are not needed. After performing the privileged operations, the listener will give up root privileges irreversibly.
    -group group
    Specify the group whose privileges the listener will use when super user (root) group privileges are not needed. After performing the privileged operations, the listener will give up root group privileges irreversibly.
    The listener will temporarily switch to the provided user and group immediately after startup. All subsequent operations will be done with the specified user and group privileges, except the system calls necessary to listen on configured endpoints. The listener will revert to super user (root) for a short period of time to listen on reserved addresses, such as TCP ports less than 1024. After the listener starts listening on all of its endpoints configured in listener.ora, it will switch to the specified user and group irreversibly. Therefore, the listener will give up the root privilege that it initially had. In the current release, -user and -group command line arguments only accept user and group identifiers specified in numeric form.
    For example, to execute a root listener called mylsnr and have it use privileges of a user identified

  • Does the Built-in Windows FTP Client Support a Secure Connection?

    I have set up Server 2008 IIS w/ FTP. I set the SSL setting to require a secure connection. However, I can't connect to the FTP server from the built-in Windows FTP client. I CAN get it to work in FileZilla after modifying my connection properties.
    Does the built-in Windows FTP client support secure connections? I received a request to set this up so our internal employees can share files with external customers. Many times our customers are unable to install any kind of third party software on their
    computers.
    Thanks in advance for the help.

    Hi,
    Based on my known, the built-in FTP client does not support secure connections.
    Similar thread:
    http://social.technet.microsoft.com/Forums/windowsserver/en-US/9500d7c2-cf18-4ab1-a0cb-1e277deab33c/is-it-possible-to-connect-to-iis-75-sslrequired-ftp-site-via-windows-explorer-or-ie-?forum=winserverNIS
    If it does not help, you could ask in IIS forums as Meinolf Weber mentioned.
    Hope this helps.
    Regards.
    Vivian Wang

  • Error during RETR epilogue: FTPEx: 426 Data connection: Broken pipe

    Hi Experts,
    We have XI file to file transfer configured via the ftp...
    while im trying to upload the file from the source folder to target folder, im getting the following error: which i have tried to resolve but not able to...
    help in this regard will be greatly appreciated:
    "Could not process due to error: java.lang.IllegalStateException: Error during RETR epilogue: com.sap.aii.adapter.file.ftp.FTPEx: 426 Data connection: Broken pipe."
    Regards,
    nandan

    if I were you I would put the lines
    kkSocket.setSendBufferSize(1024);
    kkSocket.setSoTimeout (10000);
    kkSocket.setTcpNoDelay(true);
    before connecting to the server, not after the initial message was sent.

  • I'm trying to connect through the FTP client Filezilla. When I try to login with the wizard, it gives me a "503 Failure of Data Connection" reply; when I attempt to login myself, it gives me a "530 Login Authentication Failed." HELP!!!

    My current softward is: Mac OS X Lion 10.7.5 (11G63)
    When I attempt to use the Filezilla connection wizard I get the following message:
    Connecting to probe.filezilla-project.org
    Response: 220 FZ router and firewall tester ready
    USER FileZilla
    Response: 331 Give any password.
    PASS 3.7.1.1
    Response: 230 logged on.
    Checking for correct external IP address
    Retrieving external IP address from http://ip.filezilla-project.org/ip.php
    Checking for correct external IP address
    IP 27.0.19.56 ch-a-bj-fg
    Response: 200 OK
    PREP 52470
    Response: 200 Using port 52470, data token 1871898076
    PORT 27,0,19,56,204,246
    Response: 200 PORT command successful
    LIST
    Response: 150 opening data connection
    Response: 503 Failure of data connection.
    Server sent unexpected reply.
    Connection closed
    When I attempt to login Host/Username/Password myself I get the following message:
    Status:          Resolving address of amyhoney.com
    Status:          Connecting to 184.168.54.1:21...
    Status:          Connection established, waiting for welcome message...
    Response:          220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
    Response:          220-You are user number 12 of 500 allowed.
    Response:          220-Local time is now 04:05. Server port: 21.
    Response:          220-This is a private system - No anonymous login
    Response:          220 You will be disconnected after 3 minutes of inactivity.
    Command:          USER 5475****
    Response:          331 User 5475**** OK. Password required
    Command:          PASS ********************
    Response:          530 Login authentication failed
    Error:          Critical error
    Error:          Could not connect to server
    Now before anyone points out the obvious: my username and password are correct. I've already gone through changing them so I know they are.
    Additionally, I've pretty much tried EVERYTHING I've read online, from messing with "terminal" (and subsequently the FTP and STFP options) to changing the sharing options and turning on file sharing/remote management as well as just turning off my Firewall completely.
    Now I've used Filezilla before when I first published my site and everything worked fine. My site is published through Wordpress so most of my editing was done through simply logging into my "wp-login." I recently changed the theme and in order to change the header image in that theme I have to do it through my "wp-content" folder, which means I need to use Filezilla. I feel like a complete moron right now considering I've had my site for about a year and can't even doing something this simple.
    I've read that the newer version of Lion/Mountain Lion don't support automatice FTP anymore, which (as I mentioned prior) I attempted to fix through Terminal. However, nothing I do seem to do works.
    Can someone walk me through fixing this? And I do mean 'walk me through'. I'm not a tech-savvy nerd who knows all the lingo, I just know the basics so sorry if my ignorance offends you.
    HELP!!

    First be sure login and password are OK. Sometimes the address starts wit "http://..." and sometime starts with "ftp://...". Try both normal FTP access and Scure FTP access (SFTP). At the end, contact the site's provider.

  • FTP Client can not make a Data connection in Extened Passive Mode

    When i send the command "EPSV" to the FTP server , it reply with the message :
    229 Entering Extened Passive Mode (|||60238|)
    It seems the Server accept Extended Passive Mode.
    But then i send the LIST command to the server , after a few seconds i got an exception :
    java.Net.ConnectException : Connection timed out : connect
    In my Java Program, after sending the "EPSV" command to the server and receiving the port number, my program then initiate a data connection by calling : Socket dataConnection = new Socket(serverHost,serverPort) , serverHost is the host of the FTP server, and serverPort is the port that the server send me.
    I think the problem here is that the initiate of data connection is failed. But i dont know why.
    Can anyone explain for me ? I really appreciate.

    You may be a newbie, but at least your questions are intelligent.
    Abstracting the network part - yes, this can be done, but you should keep in mind that the VI will still be running on the remote target, so you should not use this to plug directly into your RT code. In these cases, a communication module is very good because it decouples the undeterministic comm from the RT code. You can do this either using a protocol, as you mentioned, or by calling the VIs running on the cFP. For example, a VI could be used as a repository by having an uninitialized shift register which maintains its value between runs (this is known as a LV2-style global) - the cFP app will write values into it and the PC app will read values from it.
    To do this, you open a reference to the application running on the cFP and then you call VIs dynamically by name. By using the Call by Reference Node you can call the VI and use its connectory pane. All the primitives you need are in the Application Control palette and you should be able to find some examples in the example finder (Help>>Find Examples) by searching for "dynamic" and other similar terms. Attached is a simpified example.
    To transfer data in a real-time target, I believe your best bet would be RT FIFOs.
    To learn more about LabVIEW, I suggest you try searching this site and google for LabVIEW tutorials. Here, here, here, here, here and here are a few you can start with and here are some tutorial videos. You can also contact your local NI office and join one of their courses.
    In addition, I suggest you read the LabVIEW style guide and the LabVIEW user manual (Help>>Search the LabVIEW Bookshelf).
    You should also follow the online communities (this one, the LAVA forums, Info LabVIEW).
    Try to take over the world!
    Attachments:
    Comm Demo.llb ‏63 KB

  • Cisco CSS not NATing FTP 'data' connection

    I have a CSS11501 that load balances traffic to 4 FTP servers.
    2 of the 4 servers also initiate outbound FTP connections (Active mode) to other servers on the internet.
    (When I talk about these 2 servers initiating a FTP session from behind a CSS I will refer them as 'client' to avoid confusion.)
    Inbound FTP traffic to all the servers work fine. The outbound Active mode FTP traffic from the 2 client is failing (passive FTP works).
    I have defined both the 'content rules' and 'groups' (source groups) for these connections.
    But what I see on the PIX is this:
    PIX515-active %PIX-4-406002: FTP port command different address: 10.1.1.15(10.1.1.16) to xx.xx.xx.70 on interface inside
    I believe this dropped packet on the PIX is the acknowledgement 'ACK' packet from the client(sitting behind the CSS) to the connection attempt from the server (on the internet) for the 'data' connection. And basically the CSS is not translating the source address of the client from 10.1.1.16 -->10.1.1.15(VIP) for this acknowledgement 'ACK' packet.
    Here is the relevant config:
    For inbound FTP:
    service ftp1
    ip address 10.x.x.10
    active
    service ftp2
    ip address 10.x.x.11
    active
    content ftp
    application ftp-control
    add service ftp1
    add service ftp2
    vip address 10.x.x.21
    active
    group ftp
    add service ftp1
    add service ftp2
    vip address 10.x.x.21
    active
    For FTP servers that initiate FTP traffic and receive FTP request as well (i.e. inbound/outbound FTP)
    service fftp1
    ip address 10.x.x.16
    active
    service fftp01
    ip address 10.x.x.17
    active
    content Fftp1 --> this does not have VIP but I tried adding a VIP same as the source group but to no avail.
    application ftp-control
    add service fftp1
    protocol tcp
    port 2021
    add service fftp01
    active
    group fget
    vip address 10.x.x.15
    add service fftp1
    add service fftp01
    active
    Inbound FTP works fine without any issues. Even outbound FTP (passive mode) works fine.
    However active mode FTP fails and I see this error on the PIX:
    PIX515-active %PIX-4-406002: FTP port command different address: 10.1.1.15(10.1.1.16) to xx.xx.xx.70 on interface inside
    What am I missing here to get active mode connections to work with the CSS so that machines sitting behind the CSS can initiate active mode FTP connections? Do I need a content rule for the "data" connection as well???

    For active FTP to work, the CSS need to inspect the FTP control connection and nat the PORT command.
    The CSS is told to do ftp inspection when you configure the 'application ftp' command.
    But for connections initiated by the servers, the traffic does not hit any rule and no inspection is to be done.
    Therefore the CSS will only nat the ip header.
    You could try to configure an ftp content rule with no vip address - to catch all ftp traffic and use a service pointing to your default gateway in transparent mode.
    Then configure 'application ftp' to force ftp inspection.
    It may work.
    Haven't tested so.
    Gilles.

  • Connect to FTP site with Apache commons net FTP client through Proxy

    Hello,
    I am trying to run this simple code to connect to FTP site through a proxy.
    import org.apache.commons.net.ftp.FTP;
    import org.apache.commons.net.ftp.FTPClient;
    public class MyTest {
    public static void main(String[] args) {
    String ftpHostName = "ftp.xxx.com";
    int ftpPort = 21;
    String ftpUserName = "myUserName";
    String ftpPassword = "myPassword";
    System.setProperty("socksProxyHost" ,"10.148.0.131");
    System.setProperty("socksProxyPort", "1080");
    FTPClient ftpClient = new FTPClient();
    try {
    System.out.println("connecting");
    ftpClient.connect(ftpHostName, ftpPort);
    System.out.println("connected");
    System.out.println("loging in");
    boolean successLogin = ftpClient.login(ftpUserName, ftpPassword);
    if(successLogin)
    System.out.println("success login");
    else
    System.out.println("fail login");
    catch (Exception e) {
    e.printStackTrace();
    finally {
    try {
    System.out.println("loging out");
    ftpClient.logout();
    System.out.println("disconecting");
    ftpClient.disconnect();
    catch (Exception e) {
    e.printStackTrace();
    I am getting the following error:
    C:\temp\ftp\test>java.exe -cp ./commons-net-ftp-2.0.jar;. MyTest connecting
    java.net.SocketException: Malformed reply from SOCKS server
    at java.net.SocksSocketImpl.readSocksReply(SocksSocketImpl.java:87)
    at java.net.SocksSocketImpl.connectV4(SocksSocketImpl.java:265)
    at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:437)
    at java.net.Socket.connect(Socket.java:519)
    at org.apache.commons.net.SocketClient.connect(SocketClient.java:176)
    at MyTest.main(MyTest.java:23)
    loging out
    java.lang.NullPointerException
    at org.apache.commons.net.ftp.FTP.sendCommand(FTP.java:471<ftp://FTP.java:471>)
    at org.apache.commons.net.ftp.FTP.sendCommand(FTP.java:534<ftp://FTP.java:534>)
    at org.apache.commons.net.ftp.FTP.sendCommand(FTP.java:583<ftp://FTP.java:583>)
    at org.apache.commons.net.ftp.FTP.quit(FTP.java:794<ftp://FTP.java:794>)
    at org.apache.commons.net.ftp.FTPClient.logout(FTPClient.java:697)
    at MyTest.main(MyTest.java:39)
    I am able to do this using a different FTP client library, ftp4j-1.5.1<ftp://ftp4j-1.5.1> using the following code:
    import it.sauronsoftware.ftp4j.FTPClient;
    import it.sauronsoftware.ftp4j.connectors.SOCKS4Connector;
    public class MyTestFtp4J {
    public static void main(String[] args) {
    String ftpHostName = "ftp.xxx.com";
    int ftpPort = 21;
    String ftpUserName = "myUserName";
    String ftpPassword = "myPassword";
    FTPClient ftpClient = new FTPClient();
    ftpClient.setConnector(new SOCKS4Connector("10.148.0.131", 1080));
    try {
    System.out.println("connecting");
    ftpClient.connect(ftpHostName, ftpPort);
    System.out.println("connected");
    System.out.println("loging in");
    ftpClient.login(ftpUserName, ftpPassword);
    System.out.println("success login");
    catch (Exception e) {
    e.printStackTrace();
    finally {
    try {
    System.out.println("disconecting");
    ftpClient.disconnect(true);
    catch (Exception e) {
    e.printStackTrace();
    So I know the proxy settings are correct.
    The java version I used to compile and run my apps is 1.6.0_06 Does anyone can help figure out what is wrong when I use the Apache commons net FTP client?
    Thank you
    Jon

    Is the old AirPort Extreme base station (AEBS)
    configured so that the option to distribute IP
    addresses is DISABLED? If so, configure the new AEBS
    to act as a bridge.
    Are you suggesting I use a set-up with TWO AEBSs? Set up a bridge (not sure how) and then use the old AEBS to connect to the DSL modem and broadcast to the new Extreme which will then be the router to the other computers on the network?
    Do you have any port mapping or default host enabled
    on the old AEBS?
    I do not understand, not do I see these options in the Base Station utitlity; perhaps they are in the FTP options--but that, I'm sorry to say, is not obvious to my inspection.
    Duane, can you give me a few more basic instructions? Thanks
    iMac 17    

  • FTPEx: 425 Possible PASV port theft, cannot open data connection..

    Hi All,
    I am getting the below the error while comminicating to FTP server.
    Delivery of the message to the application using connection File_http://sap.com/xi/XI/System failed, due to: com.sap.aii.af.ra.ms.api.RecoverableException: Possible PASV port theft, cannot open data connection.: com.sap.aii.adapter.file.ftp.FTPEx: 425 Possible PASV port theft, cannot open data connection..
    This error is random. Some times service is working is fine and some times its failed to process.
    Can any one suggest me the peramnent solution for this.
    Thanks & regards,
    Kartikeya

    Hi
      The reason for the error is
    The ip address (+port) is not same for both these operations
        - Control connection
        - Data Connection
    Changing active/passive mode settings might help (as a common solution).
    Problem can occur due to below settings,
       - FTP server/ Firewall on its side (affects Passive Mode)
       - FTP client/ Firewall on its side (affects Active Mode)
    After Initial Control connection is made, the below happens for Data connection
    When Active, the CLIENT opens a dynamic port for DC on which it would be listening, for the server to bind its source port
    When Passive, the SERVER opens a dynamic port for DC on which it would be listening for the client to bind its source port
    when the firewall on Server side does not have these ports open, you get the above error.
    The error could be because of other reasons also, but I suspect that the dynamic port is out range of the ports opened at your FTP server firewall.
    So now I think you are one step forward to fix the issue
    Regards
    Vishnu

  • FTP-client behind RRAS - unable to connect to external FTP servers

    FTP-client behind RRAS - unable to connect to external FTP servers
    A small network (10-20PCs) without any segmentation - one LAN with one Gateway.
    1. If the Gateway is some small hardware device, there are not any problems to make FTP-connections from LAN to Internet FTP-servers
    2. If the Gateway is Win2003+RRAS+NAT or Win2003+ISA2005, there are not any problems to make FTP-connections from LAN to Internet FTP-servers
    3. But if the gateway is Win2008+RAS+NAT or Win2012+RRAS+NAT, the computers in the LAN are not able to connect to Internet FTP-servers
    I made a few tests:
    1. On Win2012+RRAS+NAT
    TurnOff Windows Firewall for All profiles (Domain, Private, Public) - the problem disappears, it it possible to connect to external Internet FTP-servers.
    2. On Win2012+RRAS+NAT
    TurnOff Windows Firewall only for Domain profile - the problem disappears, it it possible to connect to Internet FTP-servers.
    3. On Win2012+RRAS+NAT
    TurnOn Windows Firewall for All profiles (Domain, Private, Public)
    But I excluded the Internal NIC in this list
    Windows Firewall / Properties / Domain Profile / Protected network connections 
    and the problem disappears again
    My question is:
    What new Firewall rule  I have to make and where to place it (to be able to make FTP-connection from LAN to Internet FTP-servers)?
    I made some attempts to allow port21, but any success.

    Thank you, but did you try this ? 
    Can you describe in detail "exclusion rule for FTP traffic" ?!
    In my previous post, I want to say that if you use Win 2008/2012 RAS+NAT as a network gateway, than it is not possible to make FTP-connections to external FTP servers from the computers behind that gateway.
    And the standard attempts to make "Allow"-rules for port 21 in the gateway firewall (Win 2008/2012), do not solve the problem.
    No matter which FTP-client you can try to use.
    To see this problem, just make few simple tests: 
    ">telnet <ftp-server> 21" 
    with firewall on/off  and inbound/outbound "Allow port 21 rule (All/Domain/Private/Public)"
    In my country, the Government Tax Department uses FTP-protocol to collect monthly data from companies. 
    And it is too stupid scenario (to be a small company and to) upgrade from Win 2003 to a newer 2008/2012 and than to not be able to make all your jobs.
    -------EDIT---------
    The same problem (and its solution) is described here:
    http://social.technet.microsoft.com/Forums/windowsserver/en-US/0c68aed6-e22b-4cd4-86bd-f3c767e88349/advanced-firewall-blocking-through-ftp-traffic-rras
    The magic command:
    ">netsh routing ip nat delete ftp"
    solved the problem for me.
    And here is the description of this command - "Disables the FTP proxy on the NAT server."
    http://technet.microsoft.com/en-us/library/cc754535(v=ws.10).aspx#BKMK_106

  • Ftp through ASA stuck @ Opening data connection

    hi,
    i have a problem with an ASA and connect from outside to an inside ftp server. The connection stuck at Opening data connection....
    [R] 227 Entering Passive Mode (<external ip>,198,49).
    [R] Opening data connection IP: <external ip> PORT: 50737
    [R] QUIT
    [R] 221  Have a nice day.
    [R] Logged off: <external ip>
    I have configured an ACL for FTP and FTP-DATA and activate inspect rule.
    Any suggestions?
    Thanks and regards
    Jason

    Hi Sankar,
    I dont know if you are able to assist as i am having a similar issue.
    I had issues in the past  connecting to external ftp sites so i created an inspection rule on my wan interfaces and ask any staff trying to connect to any ftp site to send me the ip address so i can add under the inspection rule and this has always worked for me.
    I had to do this because we also have ftp sites internally that people try to connect to from outside too.
    But lately ,i have done this for an external ftp site and it connects but doesnt list directories.
    The log message is
    terminated by inspection engine,reason -inspector drop reset.
    Below is the internal host trying to connect to the ftp server service policy command output :
    External ftp server is 81.144.145.6.
    # sh service-policy flow tcp host x.x.x.x host 81.144.145.6 eq ftp
    Global policy:
      Service-policy: global_policy
        Class-map: cmap
          Match: access-list TCP
            Access rule: permit tcp any any
          Action:
            Input flow:  set connection advanced-options tmap
        Class-map: netflow-export-class
          Match: access-list netflow-export
            Access rule: permit ip any any
          Action:
            Output flow:  flow-export event-type all destination 10.120.3.226 10.120                                                                                        .16.220
        Class-map: class-default
          Match: any
          Action:
            Output flow:
    Interface MAN_CORE_TO_WAN:
      Service-policy: STV_IPS_POLICY
        Class-map: STV_IPS_CLASS
          Match: access-list STV_IPS_ACL
            Access rule: permit ip any host 81.144.145.6
          Match: default-inspection-traffic
          Action:
            Input flow:  inspect ftp
        Class-map: class-default
          Match: any
          Action:
            Output flow:
    Interface MAN_CORE_TO_WAN_ELXSI:
      Service-policy: STV_IPS_POLICY
        Class-map: STV_IPS_CLASS
          Match: access-list STV_IPS_ACL
            Access rule: permit ip any host 81.144.145.6
          Match: default-inspection-traffic
          Action:
            Input flow:  inspect ftp
        Class-map: class-default
          Match: any
          Action:
            Output flow:
    Interface MAN_CORE-TO-WAN-THUS:
      Service-policy: STV_IPS_POLICY
        Class-map: STV_IPS_CLASS
          Match: access-list STV_IPS_ACL
            Access rule: permit ip any host 81.144.145.6
          Match: default-inspection-traffic
          Action:
            Input flow:  inspect ftp
        Class-map: class-default
          Match: any
          Action:
    I just cant understand why it has worked for tens of external ftp sites and it doesnt work for this particular one.
    Cheers

  • Data Transfer Port ranges in FTPS with SSL in File Adapter

    Hi,
    I would appreciate if you could give me pointers reagrding the below issue.
    We are on XI 3.0.
    For one interface, I have to configure the FTP File adapter to pick up the files from external server.
    The connection is secure and should be FTPS with SSL.
    I have the certificate from the 3rd party and have it installed on our XI development server.
    The change has been made in our firewall to allow the connection to the host IP and port 21 which is configured at the target party as Explicit FTPS port and they have allowed access to our Server IP in their firewall.
    I have configured other FTPS connections and they worked fine but this is the only one that has been giving me so much trouble.
    The error i get today is:
    Error occurred while connecting to the FTP server "60.234.48.106:21": java.net.SocketException: Connection reset
    Yesterday, i got the below error:
    Error occurred while connecting to the FTP server "60.234.48.106:21": iaik.security.ssl.SSLException: Server certificate rejected by ChainVerifier
    The Vendor has suggested to get the firewall ports 21 and 28000:30000 (data transfer) to be opened.
    He has also provided with the certificate passphrase additionally to the user name and password needed to make the connection.
    When i tried the connection from the XI development to the vendor server, via the Telnet, it looked like it worked.
    Please advice.
    Regards,
    Archana

    >
    Archana Singhai wrote:
    > Hi,
    > I would appreciate if you could give me pointers reagrding the below issue.
    > We are on XI 3.0.
    > For one interface, I have to configure the FTP File adapter to pick up the files from external server.
    > The connection is secure and should be FTPS with SSL.
    > I have the certificate from the 3rd party and have it installed on our XI development server.
    > The change has been made in our firewall to allow the connection to the host IP and port 21 which is configured at the target party as Explicit FTPS port and they have allowed access to our Server IP in their firewall.
    > I have configured other FTPS connections and they worked fine but this is the only one that has been giving me so much trouble.
    > The error i get today is:
    > Error occurred while connecting to the FTP server "60.234.48.106:21": java.net.SocketException: Connection reset
    > Yesterday, i got the below error:
    > Error occurred while connecting to the FTP server "60.234.48.106:21": iaik.security.ssl.SSLException: Server certificate rejected by ChainVerifier
    > The Vendor has suggested to get the firewall ports 21 and 28000:30000 (data transfer) to be opened.
    > He has also provided with the certificate passphrase additionally to the user name and password needed to make the connection.
    > When i tried the connection from the XI development to the vendor server, via the Telnet, it looked like it worked.
    > Please advice.
    > Regards,
    > Archana
    1. Open the port ranges. FTPS usually requires you to open ports in the range of 65024 through 65535 for Passive FTP data
    connections
    2. Use the CA name in the certificate. it should be same as of the host name of the FTPS server

  • Where do I find the default FTP client?

    I'd like to set the Finder back to being my default FTP client, however when I hit Go -> Connect to Server and type anything with ftp:// in front, it opens my Firefox. How do I set it to open the Finder instead?
    I know I can set the default browser in Safari but I can't see anywhere to set the default FTP.
    Thanks

    If I rebuild my launch services database won't I need to manually set all the file associations again? After all, this isn't accidental, I must have set Firefox to handle my FTP for some bizarre reason. I haven't tested whether thats true or not because I did check out the home/Library/Preferences/com.apple.launchservices.plist like you suggested.
    In there, having opened it up in PropertyList editor (knew I downloaded that for something! I found an entry LSHandlerURLScheme with the value ftp and above that LSHandlerRoleAll with the value org.mozilla.firefox.
    I checked on another machine where the Finder did open and saw the value it had in the same place was com.apple.finder so I put that in, hit save and off it goes. Perfect!
    There were other entries for sftp and others so I edited that as well.
    So thank you very much, that's exactly what I was looking for. Not exactly simple though!

  • Which ports does Webi Rich CLient use to connect to Universe etc..

    Hello together,
    we have the problem that we cannot run Rich Client from computers outside our network - so which ports does webi Rich Client use to connect to BO Serverl?.
    It will always say universe not found. Login to rich client and everything else is possible.
    It's not an authorisations problem, inside the network people can run the programs fine.
    Thank you

    Hi,
    i assume you have enable CMS port on the firewall, apart from this you need to enable IFRS and Connection Server port also.
    Regards,
    Ramu.
    Edited by: Gowda Timma Ramu on Oct 14, 2010 4:06 PM

Maybe you are looking for

  • AT SELECTION-SCREEN OUTPUT not working!

    Hi, I am useing the statement AT SELECTION-SCREEN OUTPUT to disable some input fields based on a check box(PR_FILE).however when I execute the program the changes on the screen are not reflected!I have written the AT SELECTION-SCREEN OUTPUT stmt imme

  • 'Film Rolls' View loses sort order when finding photos via Keywords or text

    I have my iPhoto Library sorted by Film Roll so when I select 'Library' in the source list I see my rolls listed in date order in the viewing area. If I try and find photos using the keywords pane or the search field the rolls which match are display

  • Style: reducing large diagrams, clearing wires, using subvis

    I've looked at the style guidelines by NI and read as many posts about LabVIEW style as I could find, but I'm still looking for more guidance on making clear, manageable diagrams for large programs. Any thoughts, common practices, or habits regarding

  • 2.0.1 Issues

    I am on firmware 2.0.1 and am having some problems with it. I have had to restore numerous times because it gets stuck on the Apple Logo, on bootup. For some reason this always happens. No matter what I do. Please help

  • SQL Developer no longer letting me look at the same table name on 2 servers

    I used to be able to look at the same table (such as; "ATS_Reminders") on both my development box and my production box at the same time. Now when I connect to both databases, if I try to open the same table on the second box, the first table closes