FTP client on Router
Hello All,
I am trying to test file transfer via ftp client on the 2811 router and 3550 switch. I am using a very small adhoc ftp server (ftpdmin) on my laptop. However I get strange error that I am not able to find resolution. The Root Directory for FTP has read / write permissions to everyone.
Here is some capture of the ftp logs as well as router / switch command that I am trying to test:
Switch#copy run ftp://10.10.10.1
Address or name of remote host [10.10.10.1]?
Destination filename [switch-confg]?
Writing switch-confg
%Error writing ftp://10.10.10.1/switch-confg (Undefined error)
And on Laptop:
C:\>ftpdmin C:/TFTP-Root
ftpdmin v. 0.96 Jun 7 2004
Using 'C:\TFTP-Root' as root directory
ftpdmin ready to accept connections on ftp://10.10.10.1
220 Minftpd ready
USER anonymous
331 pretend login accepted
PASS [email protected]
230 fake user logged in
TYPE I
200 Type set to I
PORT 10,10,10,6,42,253
200 PORT command successful
STOR switch-confg
150 Opening BINARY mode data connection
connect() failed: No error
550 No error
What could be wrong? There is no firewall or anything else that is blocking. I have tested both ftp passive and active on router.
Please advise as I am planning to do IOS upgrades on 2811and 1841 routers on a VPN network remotely from HQ and want to make sure that the large images get transfered soonest possible (I have to delete existing images to be able to accomodate the new image, and in absence of any image on flash, I want to make sure that new image is transfered soonest via FTP rather than using TFTP byte by byte and wait and acknowledgement protocol. I am also not sure if tftpd32 or any other tftp server and cisco routers themselves will permit larger than 32MB images to be transfered over tftp.
Much thanks.
Folks, I was able to resolve this issue.
But I find is that contrary to but I had read that default passive does not work very well, and we need to set router / switch to active mode with "no ip ftp passive", I removed that and with default passive mode, it works fine now with my little adhoc FTPDMIN written by Matthias Wandel (http://www.sentex.net/~mwandel/ftpdmin/).
I had earlier tried other ftp servers (and had tried default passive mode) and it wwas not working.
Thanks and have a great day.
Similar Messages
-
Cannot configure wrt54gs v6 router for use with filezilla FTP client
I am new to working with FTP and very rusty on networking in general. I just downloaded filezilla to create a FTP client on my desktop. When I run their wizard, it says the connection is tainted by my router. All the forums for filezilla say I need to configure my router to allow traffic on either port 21 (ftp) or a range of ports ( they suggest 50000 to 50100).
Please let me know what I need to do to make this work
thanks in advance
ldygunnerTo answer your other questions, the tutorials have it all wrong. What they really need to explain, but fail to do so, is that the only situation where a FTP client would need to use active mode (the PORT command) is where the FTP server can't accept inbound connections on arbitrary port numbers. But that's a pathological case anyway: the FTP server can always accept connections on some well defined set of port numbers, to keep its own local firewall or NAT router happy. Consequently, there is really no need at all for a FTP client system to open up any ports to support active mode, rather than always operate in passive mode (as browsers do.)
The fact of the matter is that if passive mode works in a browser for you, it will work for Filezilla also.
And the configuration tests it runs are brain damaged. Even though the wizard recommends passive mode, it never tests for it. And it doesn't really test active mode either. What it really tests is whether anything between the client and the server is "transparently" translating IP addresses and port numbers. Such a test is broken, because the mere fact of port numbers being rewritten in TCP packets is irrelevant to whether PORT (active mode) will succeed or fail.
For completeness, in case someone decides to get pedantic, there is a case where a FTP client system would need the active mode PORT command to work, but that case is now of historical interest only. It's a scenario that FTP servers no longer support, for security reasons. (What is it? When the FTP client is operating as a controller to remotely transfer files between two servers: it tells one server to use passive mode, and sends the address/port it gets to the other server in active mode, which in theory would make the second server open a connection to the first. This, in fact, is why two modes, active and passive, were originally defined in the FTP standard!) And it still wouldn't need open ports on the client system.
Message Edited by arayq2 on 10-19-2008 09:12 PM -
How can FTP users access my NAS system via FTP client?
I recently purchased a 2 bay, 4TB Buffalo Link Station DUO in order to solve some FTP issues. I have about 50 users outside my LAN that need to connect drop files on my NAS, however nobody seems able to connect via FTP client. If they login using the Web Access Dynamic DNS address they can read and write via their web browser, but it's clunky and slow.
My NAS system has been given the IP adress of 192.168.1.254 which seem to me that it's a local IP adress, not a public/static IP. Do I need to manually assign an IP adress to my NAS system in order fot users to log into that specific IP and go directly to the shared folders on the NAS system?
Thanks in advance!Your NAS is getting that IP because it is behind your Router, which is the normal way to use it and as it should be.
You can not ASSIGN a public IP you your NAS. Only your ISP can do that and usually that incures an extra cost for more than 1 Public IP address. Usually included with a Business account and most of the time only available with a Business account. ISP do not want home owners running FTP or Mail servers on a residential acounts.
As noted you have to forward the noraml FTP port, port 21, in your Router to the IP of the NAS. Since you already have that port forwarded to your Mac, which I have no idea why you did that, you have to either change that port forwarding to the NAS IP or make the FTP server on the NAS respond to some other port and forward that on the router to the IP of the NAS. The to access the NAS FTP server you have to enter the piblic IP address of your router followed with a :and port #. XXX.XXX.XXX.XXX:22 or whatever port # you assign to the FTP server on the NAS. -
How to get the FTP clients to work?
This is something that (to me at least) should be trivial but I just can't
get it to work at all.
How do you get an FTP client to work?
I've tried several GUI clients as well as the terminal FTP command and they
all seem to get stuck entering passive mode - according to the log entries
they send the command.... And then nothing or a timeout, the following is
from the terminal FTP command:
Titania:~ susan$ ftp ftp.apple.com
Trying 17.254.16.11...
Connected to ftp.apple.com.
220 17.254.16.11 FTP server ready
Name (ftp.apple.com:susan): anonymous
331 Anonymous login ok, send your complete email address as your password.
Password:
230 Anonymous access granted, restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
501 EPSV: Operation not permitted
227 Entering Passive Mode (17,254,16,11,223,157).
200 PORT command successful
421 Service not available, remote server timed out. Connection closed
ftp>
In my System Preferences -> Network panel in the Proxies tab, I have the
"use Passive FTP mode (PASV) checked.
I also have checked the FTP firewall option (but I think that is only if I'm
acting as an FTP server).
I am connected to the internet via a Netgear wireless router.
I also have an old Windows laptop that also uses the same wireless router
and it can FTP quite happily!!!!!
Any suggestions would be gratefully received.
Susanejn - thanks for your continued assistance.
I've tried turning the firewall off but this does not appear to make any difference(*). Also, I have Parallels installed and I'm sharing the internet connection with this (even though Parallels itself is not currently running). Turning this sharing off doesn't seem to change anything either.
I have noticed some entries in the ifpw.log file that coincide with some of the ftp actions. Given the following terminal session:
Titania:~ susan$ ftp ftp.apple.com
Trying 17.254.16.10...
Connected to ftp.apple.com.
220 17.254.16.10 FTP server ready
Name (ftp.apple.com:susan): anonymous
331 Anonymous login ok, send your complete email address as your password.
Password:
230 Anonymous access granted, restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
501 EPSV: Operation not permitted
227 Entering Passive Mode (17,254,16,10,245,46).
200 PORT command successful
421 Service not available, remote server timed out. Connection closed
ftp>
at the time the "200 PORT command successful" is displayed, the ifpw log starts showing:
Sep 5 09:11:21 Titania ipfw: 12190 Deny TCP 17.254.16.10:20 192.168.0.5:49162 in via en1
Sep 5 09:11:24 Titania ipfw: 12190 Deny TCP 17.254.16.10:20 192.168.0.5:49162 in via en1
Sep 5 09:11:27 Titania ipfw: 12190 Deny TCP 17.254.16.10:20 192.168.0.5:49162 in via en1
Sep 5 09:11:30 Titania ipfw: 12190 Deny TCP 17.254.16.10:20 192.168.0.5:49162 in via en1
Sep 5 09:11:33 Titania ipfw: 12190 Deny TCP 17.254.16.10:20 192.168.0.5:49162 in via en1
Sep 5 09:11:36 Titania ipfw: 12190 Deny TCP 17.254.16.10:20 192.168.0.5:49162 in via en1
Sep 5 09:11:42 Titania ipfw: 12190 Deny TCP 17.254.16.10:20 192.168.0.5:49162 in via en1
which makes sense as the system tries to go for an active transfer.
(*) Actually, while I've been writing this, I've been playing on the terminal as well. I've found the combination of:
1) turning off the firewall
2) starting ftp
3) issuing the 'passive' command to turn off passive mode
4) issuing 'ls' etc. works
Looks like I've not been waiting long enough for the ftp client to get sick of trying the passive transfer and switching to an active one with the firewakk turned off!
Still doesn't answer the question - why does passive mode not work?
Susan -
Connect to FTP site with Apache commons net FTP client through Proxy
Hello,
I am trying to run this simple code to connect to FTP site through a proxy.
import org.apache.commons.net.ftp.FTP;
import org.apache.commons.net.ftp.FTPClient;
public class MyTest {
public static void main(String[] args) {
String ftpHostName = "ftp.xxx.com";
int ftpPort = 21;
String ftpUserName = "myUserName";
String ftpPassword = "myPassword";
System.setProperty("socksProxyHost" ,"10.148.0.131");
System.setProperty("socksProxyPort", "1080");
FTPClient ftpClient = new FTPClient();
try {
System.out.println("connecting");
ftpClient.connect(ftpHostName, ftpPort);
System.out.println("connected");
System.out.println("loging in");
boolean successLogin = ftpClient.login(ftpUserName, ftpPassword);
if(successLogin)
System.out.println("success login");
else
System.out.println("fail login");
catch (Exception e) {
e.printStackTrace();
finally {
try {
System.out.println("loging out");
ftpClient.logout();
System.out.println("disconecting");
ftpClient.disconnect();
catch (Exception e) {
e.printStackTrace();
I am getting the following error:
C:\temp\ftp\test>java.exe -cp ./commons-net-ftp-2.0.jar;. MyTest connecting
java.net.SocketException: Malformed reply from SOCKS server
at java.net.SocksSocketImpl.readSocksReply(SocksSocketImpl.java:87)
at java.net.SocksSocketImpl.connectV4(SocksSocketImpl.java:265)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:437)
at java.net.Socket.connect(Socket.java:519)
at org.apache.commons.net.SocketClient.connect(SocketClient.java:176)
at MyTest.main(MyTest.java:23)
loging out
java.lang.NullPointerException
at org.apache.commons.net.ftp.FTP.sendCommand(FTP.java:471<ftp://FTP.java:471>)
at org.apache.commons.net.ftp.FTP.sendCommand(FTP.java:534<ftp://FTP.java:534>)
at org.apache.commons.net.ftp.FTP.sendCommand(FTP.java:583<ftp://FTP.java:583>)
at org.apache.commons.net.ftp.FTP.quit(FTP.java:794<ftp://FTP.java:794>)
at org.apache.commons.net.ftp.FTPClient.logout(FTPClient.java:697)
at MyTest.main(MyTest.java:39)
I am able to do this using a different FTP client library, ftp4j-1.5.1<ftp://ftp4j-1.5.1> using the following code:
import it.sauronsoftware.ftp4j.FTPClient;
import it.sauronsoftware.ftp4j.connectors.SOCKS4Connector;
public class MyTestFtp4J {
public static void main(String[] args) {
String ftpHostName = "ftp.xxx.com";
int ftpPort = 21;
String ftpUserName = "myUserName";
String ftpPassword = "myPassword";
FTPClient ftpClient = new FTPClient();
ftpClient.setConnector(new SOCKS4Connector("10.148.0.131", 1080));
try {
System.out.println("connecting");
ftpClient.connect(ftpHostName, ftpPort);
System.out.println("connected");
System.out.println("loging in");
ftpClient.login(ftpUserName, ftpPassword);
System.out.println("success login");
catch (Exception e) {
e.printStackTrace();
finally {
try {
System.out.println("disconecting");
ftpClient.disconnect(true);
catch (Exception e) {
e.printStackTrace();
So I know the proxy settings are correct.
The java version I used to compile and run my apps is 1.6.0_06 Does anyone can help figure out what is wrong when I use the Apache commons net FTP client?
Thank you
JonIs the old AirPort Extreme base station (AEBS)
configured so that the option to distribute IP
addresses is DISABLED? If so, configure the new AEBS
to act as a bridge.
Are you suggesting I use a set-up with TWO AEBSs? Set up a bridge (not sure how) and then use the old AEBS to connect to the DSL modem and broadcast to the new Extreme which will then be the router to the other computers on the network?
Do you have any port mapping or default host enabled
on the old AEBS?
I do not understand, not do I see these options in the Base Station utitlity; perhaps they are in the FTP options--but that, I'm sorry to say, is not obvious to my inspection.
Duane, can you give me a few more basic instructions? Thanks
iMac 17 -
I cannot get access to my web server on my new Mac. I have finally gotten back to working on a Mac, after having to use Windows for work for a long time, but I cannot get ANY ftp client to access a server that I have been accessing for two years. I am truly baffled. I have been using CuteFTP to make passive mode connections, but on my Mac, no luck. I get connection, authentication, PASV mode start, then the whole thing seems to time out while LIST is happening. This occurs with the firewall on or off.
I am working on a Mac Book Pro, on an Ethernet network that has DSL and a Linksys router. I truly seek enlightenment.
Mac Book Pro Mac OS X (10.4.8) 2.13 gHz, 2 gig RAMAlso, I just tested using -A, and no go.
Hmmmm. Okay. Try logging in with the comand line client, and add the "-d" to the two different ftp commands:
<pre class="command">ftp -A -d ftp.servername.com</pre>for active mode or
<pre class="command">ftp -d ftp.servername.com</pre>Adding the "-d" makes it a little more verbose than normal. Perhaps there'll be a clue in there.
If that doesn't give you any clues, one more thing to try is to toggle the use of PORT/LPRT commands. Once you're connected to the remote server, and before you list the directory, issue this command at the ftp prompt:
<pre class="command">sendport</pre>If I do this on the ftp server I'm connecting to, I get this result (I started ftp with -d):
<pre class="command">ftp> sendport
Use of PORT/LPRT cmds off.
ftp> ls
---> LIST
421 Service not available, remote server timed out. Connection closed</pre>which is not exactly the same as your error, but kind of close.
Finally, since it's a laptop, have you tried connecting to the server from another network, like at work or a friend's house? Also, can you log into another ftp server? Perhaps there's a problem on the server end at your web server. It seems unlikely, but it's possible. You could try ftp.apple.com. You can log in with the username "anonymous" and giving an email address as the password. There's not much there any more, but it might be a good way to test.
Finally, are there any messages in the console or system log when you try to log in? You can see them using the Console application from your Utilities folder. Also, if you click on the "Logs" icon in the Console app, you'll toggle a listing of logs and directories. Look under the /var/log listing for the ipfw.log and see if anything gets logged in there when you're trying to connect to your server.
charlie -
Hello there!
Find strange problem working with WRT54G2 (firmware 1.0.04 - latest)
I try to connect to ftp server and very often get disconnects - see example of log below:
2009-09-20 23:37:50 3292 0 Status DNS request *******
2009-09-20 23:37:50 3292 0 Status Connection with *********
2009-09-20 23:37:50 3292 0 Status Connection established
2009-09-20 23:37:51 3292 0 Reply: 220 Welcome to Hosting Telesystems ftp service.
2009-09-20 23:37:51 3292 0 Command: USER ********
2009-09-20 23:37:51 3292 0 Reply: 331 Please specify the password.
2009-09-20 23:37:51 3292 0 Command: PASS ********
2009-09-20 23:37:51 3292 0 Reply: 230 Login successful.
2009-09-20 23:37:51 3292 0 Command: SYST
2009-09-20 23:37:51 3292 0 Reply: 215 UNIX Type: L8
2009-09-20 23:37:51 3292 0 Command: FEAT
2009-09-20 23:37:51 3292 0 Reply: 211-Features:
2009-09-20 23:37:51 3292 0 Reply: EPRT
2009-09-20 23:37:51 3292 0 Reply: EPSV
2009-09-20 23:37:51 3292 0 Reply: MDTM
2009-09-20 23:37:51 3292 0 Reply: PASV
2009-09-20 23:37:51 3292 0 Reply: REST STREAM
2009-09-20 23:37:51 3292 0 Reply: SIZE
2009-09-20 23:37:51 3292 0 Reply: TVFS
2009-09-20 23:37:51 3292 0 Reply: UTF8
2009-09-20 23:37:51 3292 0 Reply: 211 End
2009-09-20 23:37:51 3292 0 Command: OPTS UTF8 ON
2009-09-20 23:37:51 3292 0 Reply: 200 Always in UTF8 mode.
2009-09-20 23:37:51 3292 0 Status Connection established
2009-09-20 23:37:51 3292 0 Status getting list of directories
2009-09-20 23:37:51 3292 0 Command: PWD
2009-09-20 23:37:51 3292 0 Reply: 257 "/"
2009-09-20 23:37:51 3292 0 Command: TYPE I
2009-09-20 23:37:51 3292 0 Reply: 200 Switching to Binary mode.
2009-09-20 23:37:51 3292 0 Command: PASV
2009-09-20 23:37:54 3292 0 Ошибка: ECONNABORTED - Connection aborted
Same for all ftp servers i'm trying to access (even with ftp-server of my provider just next hop from router). Also i tried different ftp clients. Tracert doesn't indicate any troubles on the way.
But most interesting that after several tries it's connecting successfully. And after 10-20 tries i could even upload/download file to server. So it does not completely blocked somewhere, it works but very not stable.
I tried same client with Linksys WAG54GS (DSL modem) just to check could it be problem with my laptop and it works very good, no problems at all.
Looks like my WRT54G2 doesn't work very well with ftp. May be NAT problem or something else? Any ideas how this could be fixed?
Many thanks in advance,
mitkoWell, try to reflash the firmware for the router and forward the port 21 on the router for ip address of computer on which you are trying to access the FTP.
-
Can not Access disk drive attached to WRT350N via an FTP client
Background
I have a WRT350N v1 running the most current firmware. I have a static IP address for the WRT350N and I can ping it over the internet. I have a disk drive attached to the 350N with a FAT32 partition that has been set up for shared access for a selected group and user. I have worked with cicso/linksys support to verify the linksys350N is set up correctly (?).
Problem
I can not access the disk drive attached to the WRT350N via an FTP client. I have tried the following FTP Clients: Transmit and Filezilla. I get a "Connection established, waiting for welcome message...' message on the FTP client. Then it says Connect timeout, Can not connect to server. I CAN connect to other FTP sites so its not the FTP client software.
What I have done so far
1. deleted the old and added a new FTP group and user
2. unplugged and reconnected my WRT350N and my cable modem
3. Contacted Cisco/linksys support on-line and they verified my setup and can ping my 350N but thats as far as they are willing to help
I haven' a clue as to what to do next. Any and all help is greatly appreciated.Access your router set-up and make sure you have :
1. Enabled FTP Server and Internet Access under the FTP Server subtab under Storage...
2. Reduced the MTU size to 1300 under SetUp...
3. Unchecked Filter Anonymous Internet Requests...
If you have done all this and nothing works, then, you need to upgrade your router's firmware and re-configure your router and then enter the settings...
Download Firmware 3.23 MB...
Follow these steps to upgrade the firmware on the device : -
Open an Internet Explorer browser page on a computer hard wired to the router...
In the address bar type - 192.168.1.1...Leave the username blank & in password use admin in lower case...
Click on the 'Administration' tab- Then click on the 'Firmware Upgrade' sub tab- Here click on 'Browse' and browse the .bin firmware file and click on "Upgrade"...
Wait for few seconds until it shows that "Upgrade is successful" After the firmware upgrade, click on "Reboot" and you will be returned back to the same page OR it will say "Page cannot be displayed".
Now reset your router :
Press and hold the reset button for 30 seconds...Release the reset button...Unplug the power cable from your router, wait for 30 seconds and re-connect the power cable...Now re-configure your router...
1. Enable FTP Server and Internet Access under the FTP Server subtab under Storage...
2. Reduce the MTU size to 1300 under SetUp...3. Uncheck Filter Anonymous Internet Requests...See if this works for you... -
AEBS logging incorrect IP of FTP clients
I have successfully configured my ftp server and Airport Extreme to allow users access to my ftp site. The problem is the server is not logging the correct public IP of the ftp clients. For some strange reason it is logging the private IP (192.168.1.1) of the AEBS on the ftp server. I have configured different servers and they all have the same problem. The issue started when I had to use the AEBS to forward ports. Previously, I had U-Verse and I used their gateway to do all my forwarding and used the AEBS only as an access point and not a router. I now have Comcast as my ISP and they only supply me with a cable modem.
I have read other threads that describe a similar issue, except for the IP being logged is the Public IP of the AEBS and not the private.
Anyone having the same issue?I found a workaround for this problem. It seems like a bug with the AEBS software and NAT. If you leave
the public port at 21 and change the private to 2100 (or any other random port) in the NAT Rule, the server will properly log the Public IP of the ftp client. Do not forget to also change the ftp port on the server to 2100 or which ever one you choose to use as the private port. -
FTP-client behind RRAS - unable to connect to external FTP servers
FTP-client behind RRAS - unable to connect to external FTP servers
A small network (10-20PCs) without any segmentation - one LAN with one Gateway.
1. If the Gateway is some small hardware device, there are not any problems to make FTP-connections from LAN to Internet FTP-servers
2. If the Gateway is Win2003+RRAS+NAT or Win2003+ISA2005, there are not any problems to make FTP-connections from LAN to Internet FTP-servers
3. But if the gateway is Win2008+RAS+NAT or Win2012+RRAS+NAT, the computers in the LAN are not able to connect to Internet FTP-servers
I made a few tests:
1. On Win2012+RRAS+NAT
TurnOff Windows Firewall for All profiles (Domain, Private, Public) - the problem disappears, it it possible to connect to external Internet FTP-servers.
2. On Win2012+RRAS+NAT
TurnOff Windows Firewall only for Domain profile - the problem disappears, it it possible to connect to Internet FTP-servers.
3. On Win2012+RRAS+NAT
TurnOn Windows Firewall for All profiles (Domain, Private, Public)
But I excluded the Internal NIC in this list
Windows Firewall / Properties / Domain Profile / Protected network connections
and the problem disappears again
My question is:
What new Firewall rule I have to make and where to place it (to be able to make FTP-connection from LAN to Internet FTP-servers)?
I made some attempts to allow port21, but any success.Thank you, but did you try this ?
Can you describe in detail "exclusion rule for FTP traffic" ?!
In my previous post, I want to say that if you use Win 2008/2012 RAS+NAT as a network gateway, than it is not possible to make FTP-connections to external FTP servers from the computers behind that gateway.
And the standard attempts to make "Allow"-rules for port 21 in the gateway firewall (Win 2008/2012), do not solve the problem.
No matter which FTP-client you can try to use.
To see this problem, just make few simple tests:
">telnet <ftp-server> 21"
with firewall on/off and inbound/outbound "Allow port 21 rule (All/Domain/Private/Public)"
In my country, the Government Tax Department uses FTP-protocol to collect monthly data from companies.
And it is too stupid scenario (to be a small company and to) upgrade from Win 2003 to a newer 2008/2012 and than to not be able to make all your jobs.
-------EDIT---------
The same problem (and its solution) is described here:
http://social.technet.microsoft.com/Forums/windowsserver/en-US/0c68aed6-e22b-4cd4-86bd-f3c767e88349/advanced-firewall-blocking-through-ftp-traffic-rras
The magic command:
">netsh routing ip nat delete ftp"
solved the problem for me.
And here is the description of this command - "Disables the FTP proxy on the NAT server."
http://technet.microsoft.com/en-us/library/cc754535(v=ws.10).aspx#BKMK_106 -
I have access to upload files...to my business catalyst site through a browser.
My FTP client route is non functional as it has started to reject my password.
this is the second occurance of this type.
Id use the browser access only but as it wont accept html files I need the ftp access as well
What could be happening and how do I solve this issue.?I changed ,my password yesterday. finally gained access via my ftp client this morning.
Thank you -
I started FTP File Sharing and it works as expected - BUT the FTP client is allowed to see everything on the entire drive...!
I have set the Home Directory to a folder, but you are still able to go down in the hierarchy and see everything else on the computer. I want the user to ONLY see her home directory (and folders in it of course), nothing else.
How do I solve this?
Thanks,
AndreasThank you, but did you try this ?
Can you describe in detail "exclusion rule for FTP traffic" ?!
In my previous post, I want to say that if you use Win 2008/2012 RAS+NAT as a network gateway, than it is not possible to make FTP-connections to external FTP servers from the computers behind that gateway.
And the standard attempts to make "Allow"-rules for port 21 in the gateway firewall (Win 2008/2012), do not solve the problem.
No matter which FTP-client you can try to use.
To see this problem, just make few simple tests:
">telnet <ftp-server> 21"
with firewall on/off and inbound/outbound "Allow port 21 rule (All/Domain/Private/Public)"
In my country, the Government Tax Department uses FTP-protocol to collect monthly data from companies.
And it is too stupid scenario (to be a small company and to) upgrade from Win 2003 to a newer 2008/2012 and than to not be able to make all your jobs.
-------EDIT---------
The same problem (and its solution) is described here:
http://social.technet.microsoft.com/Forums/windowsserver/en-US/0c68aed6-e22b-4cd4-86bd-f3c767e88349/advanced-firewall-blocking-through-ftp-traffic-rras
The magic command:
">netsh routing ip nat delete ftp"
solved the problem for me.
And here is the description of this command - "Disables the FTP proxy on the NAT server."
http://technet.microsoft.com/en-us/library/cc754535(v=ws.10).aspx#BKMK_106 -
How to configure full tunnel with VPN client and router?
I know the concept of split tunnel....Is it possibe to configure vpn client and router full tunnel or instead of router ASA? I know filter options in concentrators is teher options in ISR routers or ASA?
I think it is possible. Following links may help you
http://www.cisco.com/en/US/products/hw/routers/ps274/products_configuration_example09186a0080819289.shtml -
Issue with Ftp Client / Server using Sockets
I have developed a Ftp Client and a Ftp Server. The client Connects to the Ftp Server and sends files to the ftp server. It is a multi threaded server and can have multiple clients connecting to it.
If a client goes down...the server waits till the client comes up
Similarly the client waits if a server goes down and reconnects when the server is again up and running
i am having a strange issue here. When two clients go down and reconnect to the server...They take a long time to connect and transferring of files takes a long time...
Other wise in all other scenarios the duo work properly.
Any feedback and suggestion about this strange issue from all you java gurus out there will be deeply appreciated.
Here is the client code
import java.net.*;
import java.net.Socket;
import java.net.InetAddress;
import java.io.*;
import java.io.File;
import java.util.*;
import java.lang.*;
import java.lang.Object;
import javax.crypto.*;
import java.util.regex.*;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.KeySpec;
import java.io.InputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.io.File.*;
import java.nio.channels.FileLock;
public class FTPClient {
public static void main(String[] args) throws Exception
Timer timer = new Timer("Test Timer");
timer.scheduleAtFixedRate(new TimerTask()
private int counter = 0;
public void run() {
try {
System.out.println(counter++);
Socket soc=new Socket("xxx.x.x.xx",5217);
System.out.println("Socket Initialised.");
transferfileClient t=new transferfileClient(soc);
t.SendFile();
System.out.println("run complete.");
catch(Exception ex)
}, 10000, 40000);
static class transferfileClient
Socket ClientSoc;
DataInputStream din;
DataOutputStream dout;
BufferedReader br;
transferfileClient(Socket soc)
try
ClientSoc=soc;
din=new DataInputStream(ClientSoc.getInputStream());
dout=new DataOutputStream(ClientSoc.getOutputStream());
br=new BufferedReader(new InputStreamReader(System.in));
catch(Exception ex)
//encrypto routine starts
class DesEncrypter {
Cipher ecipher;
Cipher dcipher;
// 8-byte Salt
byte[] salt = {
(byte)0xA9, (byte)0x9B, (byte)0xC8, (byte)0x32,
(byte)0x56, (byte)0x35, (byte)0xE3, (byte)0x03
// Iteration count
int iterationCount = 19;
DesEncrypter(String passPhrase) {
try {
// Create the key
KeySpec keySpec = new PBEKeySpec(passPhrase.toCharArray(), salt, iterationCount);
SecretKey key = SecretKeyFactory.getInstance(
"PBEWithMD5AndDES").generateSecret(keySpec);
ecipher = Cipher.getInstance(key.getAlgorithm());
dcipher = Cipher.getInstance(key.getAlgorithm());
// Prepare the parameter to the ciphers
AlgorithmParameterSpec paramSpec = new PBEParameterSpec(salt, iterationCount);
// Create the ciphers
ecipher.init(Cipher.ENCRYPT_MODE, key, paramSpec);
dcipher.init(Cipher.DECRYPT_MODE, key, paramSpec);
} catch (java.security.InvalidAlgorithmParameterException e) {
} catch (java.security.spec.InvalidKeySpecException e) {
} catch (javax.crypto.NoSuchPaddingException e) {
} catch (java.security.NoSuchAlgorithmException e) {
} catch (java.security.InvalidKeyException e) {
// Buffer used to transport the bytes from one stream to another
byte[] buf = new byte[1024];
public void encrypt(InputStream in, OutputStream out) {
try {
// Bytes written to out will be encrypted
out = new CipherOutputStream(out, ecipher);
// Read in the cleartext bytes and write to out to encrypt
int numRead = 0;
while ((numRead = in.read(buf)) >= 0) {
out.write(buf, 0, numRead);
out.close();
} catch (java.io.IOException e) {
public void decrypt(InputStream in, OutputStream out) {
try {
// Bytes read from in will be decrypted
in = new CipherInputStream(in, dcipher);
// Read in the decrypted bytes and write the cleartext to out
int numRead = 0;
while ((numRead = in.read(buf)) >= 0) {
out.write(buf, 0, numRead);
out.close();
} catch (java.io.IOException e) {
} //encryptor routine ends
void SendFile() throws Exception
try
String directoryName;
// File object referring to the directory.
String[] files; // Array of file names in the directory.
//directory = new File ( "C:\\FTP\\" ) ;
File directory1 = new File("C:\\FTP");
boolean successmk = directory1.mkdir();
if (!successmk) {
// Directory creation failed /Already Exists
File directory = new File("C:\\FTP\\ftpc");
boolean successmk1 = directory.mkdir();
if (!successmk1) {
// Directory creation failed /Already Exists
//directory = new File ( "E:\\FTP-encrypted" ) ;
if (directory.isDirectory() == false) {
if (directory.exists() == false)
System.out.println("There is no such directory!");
else
System.out.println("That file is not a directory.");
else {
files = directory.list();
System.out.println("Files in directory \"" + directory + "\":");
for (int i = 0; i < files.length; i++)
String patternStr = "xml";
Pattern pattern = Pattern.compile(patternStr);
Matcher matcher = pattern.matcher(files);
boolean matchFound = matcher.find();
if (matchFound) {
System.out.println(" " + files[i]);
String filename;
filename=files[i];
File f=new File(directory,filename);
FileLock lock = null;
FileOutputStream fos = new FileOutputStream(f, true);
lock = fos.getChannel().tryLock();
if (lock == null) {
System.out.println(" Failed to get the file lock: means that the file is locked by other instance.");
fos.close();
else
InetAddress addr = InetAddress.getLocalHost();
// Get IP Address
//byte[] ipAddr = addr.getAddress();
String ip= addr.toString();
// Get hostname
//String hostname = addr.getHostName();
System.out.println(" Lock Acquired.");
lock.release();
fos.close();
dout.writeUTF("SEND");
dout.writeUTF(ip);
dout.writeUTF(filename);
//String msgFromServer=din.readUTF();
DesEncrypter encrypter = new DesEncrypter("My Pass Phrase!");
// Encrypt
FileInputStream fino=new FileInputStream(f);
encrypter.encrypt(fino,
new FileOutputStream("ciphertext.txt"));
fino.close();
FileInputStream fin=new FileInputStream("ciphertext.txt");
int ch;
do
ch=fin.read();
dout.writeUTF(String.valueOf(ch));
while(ch!=-1);
fin.close();
String option;
option=din.readUTF();
if((option.compareTo("Delete")==0))
boolean success = (new File("ciphertext.txt")).delete();
boolean success1 = f.delete();
if (success) {
System.out.println("File Sent ...");
if (success1) {
System.out.println("--File deleted from Client ...");
for (int j = 0; j < 999999999; j++){}
}//pattermatch loop ends here
else
{ //System.out.println(" " + "Not an XML file-------->" +files[i]);
for (int jb = 0; jb < 111999999; jb++){}
}// for loop ends here for files in directory
}//else loop ends for directory files listing
System.out.println("sendfile finished...");
return;
} catch(Exception ex) {ex.printStackTrace();}
}//sendfile ends here
public void displayMenu() throws Exception
System.out.println(" Send File");
SendFile();
return;
And here is the server code...
import java.net.*;
import java.io.*;
import java.util.*;
import java.util.Date;
import java.text.SimpleDateFormat;
import java.text.DateFormat;
import java.text.Format;
import java.lang.Object;
import java.lang.*;
import javax.crypto.*;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.KeySpec;
public class FTPServer
{ public static void main(String args[]) throws Exception
{ ServerSocket soc=new ServerSocket(5217);
System.out.println("FTP Server Started on Port Number 5217");
while(true)
System.out.println("Waiting for Connection ...");
transferfile t=new transferfile(soc.accept());
class transferfile extends Thread
Socket ClientSoc;
DataInputStream din;
DataOutputStream dout;
transferfile(Socket soc)
{ try
{ ClientSoc=soc;
din=new DataInputStream(ClientSoc.getInputStream());
dout=new DataOutputStream(ClientSoc.getOutputStream());
System.out.println("FTP Client Connected ...");
System.out.println("External IP of Client ..." + ClientSoc.getInetAddress());
//System.out.println("FTP Client Connected ..." + ClientSoc.getRemoteSocketAddress());
start();
catch(Exception ex)
//encrypto routine starts
class DesEncrypter {
Cipher ecipher;
Cipher dcipher;
// 8-byte Salt
byte[] salt = {
(byte)0xA9, (byte)0x9B, (byte)0xC8, (byte)0x32,
(byte)0x56, (byte)0x35, (byte)0xE3, (byte)0x03 };
// Iteration count
int iterationCount = 19;
DesEncrypter(String passPhrase) {
try {
// Create the key
KeySpec keySpec = new PBEKeySpec(passPhrase.toCharArray(), salt, iterationCount);
SecretKey key = SecretKeyFactory.getInstance(
"PBEWithMD5AndDES").generateSecret(keySpec);
ecipher = Cipher.getInstance(key.getAlgorithm());
dcipher = Cipher.getInstance(key.getAlgorithm());
// Prepare the parameter to the ciphers
AlgorithmParameterSpec paramSpec = new PBEParameterSpec(salt, iterationCount);
// Create the ciphers
ecipher.init(Cipher.ENCRYPT_MODE, key, paramSpec);
dcipher.init(Cipher.DECRYPT_MODE, key, paramSpec);
} catch (java.security.InvalidAlgorithmParameterException e) {
} catch (java.security.spec.InvalidKeySpecException e) {
} catch (javax.crypto.NoSuchPaddingException e) {
} catch (java.security.NoSuchAlgorithmException e) {
} catch (java.security.InvalidKeyException e) {
// Buffer used to transport the bytes from one stream to another
byte[] buf = new byte[1024];
public void encrypt(InputStream in, OutputStream out) {
try {
// Bytes written to out will be encrypted
out = new CipherOutputStream(out, ecipher);
// Read in the cleartext bytes and write to out to encrypt
int numRead = 0;
while ((numRead = in.read(buf)) >= 0) {
out.write(buf, 0, numRead);
out.close();
} catch (java.io.IOException e) {
public void decrypt(InputStream in, OutputStream out) {
try {
// Bytes read from in will be decrypted
in = new CipherInputStream(in, dcipher);
// Read in the decrypted bytes and write the cleartext to out
int numRead = 0;
while ((numRead = in.read(buf)) >= 0) {
out.write(buf, 0, numRead);
//added later on
in.close();
out.close();
} catch (java.io.IOException e) {
} //encryptor routine ends
//not implemented right now as we arent using the ftp server to download stuff...can be activated later on if we want
void SendFile() throws Exception
String filename=din.readUTF();
File f=new File(filename);
if(!f.exists())
dout.writeUTF("File Not Found");
return;
else
{ dout.writeUTF("READY");
FileInputStream fin=new FileInputStream(f);
int ch;
do
ch=fin.read();
dout.writeUTF(String.valueOf(ch));
while(ch!=-1);
fin.close();
dout.writeUTF("File Received Successfully");
String Compare(String filename) throws Exception
///dout.writeUTF("entering compare");
String dateTempString=new String();
Date dateValue=new Date();
SimpleDateFormat formatter = new SimpleDateFormat ("hhmmss");
dateTempString = formatter.format(dateValue);
File dir1 = new File("C:\\FTPnew");
boolean success2 = dir1.mkdir();
if (!success2) {
// Directory creation failed /Already Exists
File dir = new File("C:\\FTPnew\\server");
boolean success = dir.mkdir();
if (!success) {
// Directory creation failed /Already Exists
File ftemp=new File(dir,dateTempString + filename);
File fnewtemp=new File(dir,"new-enc-"+filename);
// Create encrypter/decrypter class
DesEncrypter encrypter = new DesEncrypter("My Pass Phrase!");
FileOutputStream fout=new FileOutputStream(fnewtemp);
int ch;
String temp;
do
{ temp=din.readUTF();
ch=Integer.parseInt(temp);
if(ch!=-1)
fout.write(ch);
}while(ch!=-1);
fout.close();
//dout.writeUTF("written temp en file");
// Decrypt
encrypter.decrypt(new FileInputStream(fnewtemp),
new FileOutputStream(ftemp));
//String Option;
dout.writeUTF("Delete");
System.out.println("File Upload Successfull--Duplicate file with timestamp Created");
boolean success1 = fnewtemp.delete();
return "hello" ;
void ReceiveFile() throws Exception
String ip=din.readUTF();
System.out.println("\tRequest Coming from Internal IP Address : "+ ip);
String filename=din.readUTF();
if(filename.compareTo("File not found")==0)
return;
// Destination directory
File dir11 = new File("C:\\FTPnew");
boolean success22 = dir11.mkdir();
if (!success22) {
// Directory creation failed /Already Exists
File dir = new File("C:\\FTPnew\\server");
boolean success21 = dir.mkdir();
if (!success21) {
// Directory creation failed /Already Exists
File f=new File(dir ,"enc-"+filename);
File fe=new File(dir,filename);
String option;
if(fe.exists())
//dout.writeUTF("File Already Exists");
String compvalue = Compare(filename);
//dout.writeUTF(compvalue);
if(compvalue.compareTo("hello")==0)
//dout.writeUTF("Transfer Completed");
return;
option=din.readUTF();
else
//dout.writeUTF("SendFile");
option="Y";
if(option.compareTo("Y")==0)
// Generate a temporary key.
// Create encrypter/decrypter class
DesEncrypter encrypter = new DesEncrypter("My Pass Phrase!");
FileOutputStream fout=new FileOutputStream(f);
int ch;
String temp;
do
{ temp=din.readUTF();
ch=Integer.parseInt(temp);
if(ch!=-1)
fout.write(ch);
}while(ch!=-1);
fout.close();
// Decrypt
encrypter.decrypt(new FileInputStream(f),
new FileOutputStream(fe));
boolean success2 = f.delete();
dout.writeUTF("Delete");
System.out.println("File Upload Successfull");
else
return;
public void run()
while(true)
try
String Command=din.readUTF();
if(Command.compareTo("SEND")==0)
System.out.println("\tSEND Command Received ...");
ReceiveFile();
continue;
catch(Exception ex)
//System.out.println("\tClient Terminated Abnormally ...........");
continue;Please note that this is not an FTP client and server. FTP is defined by a standard IETF protocol and this isn't it.
Then, move the following lines:
din=new DataInputStream(ClientSoc.getInputStream());
dout=new DataOutputStream(ClientSoc.getOutputStream());
System.out.println("FTP Client Connected ...");
System.out.println("External IP of Client ..." + ClientSoc.getInetAddress());
//System.out.println("FTP Client Connected ..."+ClientSoc.getRemoteSocketAddress());from the constructor into the run() method. i.e. don't do anything with the socket in the thread which handles the accept(). -
FTP client is not working in active mode
Hi,
I have a ftp issue trying to download iweb files.
My provider enabled me a ftp access.
I tried to connect to it with transmit or rbrowser ftp client (passive mode disabled). The connection works well but i can not retrieve the list of files.
However using my PC and filezilla ftp client in active mode, the connection did work properly.
Any idea to help make this connection work on my mac ?
ThanksPerhaps this will help...
http://slacksite.com/other/ftp.html
"The main problem with active mode FTP actually falls on the client side. The FTP client doesn't make the actual connection to the data port of the server--it simply tells the server what port it is listening on and the server connects back to the specified port on the client. From the client side firewall this appears to be an outside system initiating a connection to an internal client--something that is usually blocked."
Maybe you are looking for
-
How do I access internet radio stations in iTunes 11
In the previous version of itunes, you could listen to internet radio. In the new version this seems to have been eliminated on the ipad. Is that correct, or maybe I just can't find it.
-
Hi, I have an existing BAM Set up. I have changed the DB Name from xyz to abc. I have done changes accordingly in tnsnames.ora file in orabam client-network-admin. When im trying to start the ADC service , it fails. The below mentioned error is writt
-
My MacBook Pro is experiencing some long startup times. It used to boot up almost instantly. After installing a security update and removing the startup folder to address the Photoshop CS2 problem, it starts up about 3 times as slow. Compared to my f
-
Flash media encoder is not responding
I stream video games and i occasionaly get this message which goes away afte few seconds. Please help. Windows 7 x64 FME version 2.5 withvhscrcap Also my speedtest http://www.speedtest.net/result/1257248545.png <?xml version="1.0" encoding="UTF-16"?>
-
Hey, What's the Lingo to pause a SWF with Flash video embedded? I just imported a video into Flash 8, exported it as a SWF. Now imported into Director. Want a button to pause, and resume. No other things needed at this stage. Thanks heaps.