FTP Server: PASV / Illegal PORT Command Issues

Similar Messages

• FTP Server in FXP mode : PASV / Illegal PORT Command

  Hello,
  In our workflow, we transfer the media files with the FTP protocol in mode FXP (server to server), the commands are initiated by an automation system.
  This system work with the plateforms windows (serv-u), linux (vsftpd), osx (tnftpd) but it's impossible on a osx server (xftpd). The aim is to write file on our Xsan.
  The error is an illegal PORT command, when the automation system sent the IP adress of the other server.
  For test, If the IP adress of the destination server is the same that the automation server, the transfers are good, the PORT command is accepted.
  But in our case, the ip adress, is a other server...
  We can't to run the ftp server in FXP mode, and I do not want to install a Pureftp for to replace the tools included with osx server (and server admin).
  I think that's is possible, because this workflow works on a osx after we have modify the ftpd.conf (checkportcmd off).
  We not found in the file ftp access and nothing on the Internet, that's why I write on this board.
  I need your help, anyone have a solution, it's really important ?
  Thank you very much.
  Franck

  Hello Franck,
  I'm attempting the same thing.  Did you find a solution to your problem?

• FTP/File Sender Adapter over SSL - 500 Illegal PORT command.

  Hello Experts!
  I'm trying to configure FTP Sender Adapter over SSL. This is the configuration I'm using:
  Server: server01
  Port: 21
  Data Connection: Active
  Timeout: 100
  Connection Security: FTPS (FTP Using SSL/TLS) for Control and Data Connection
  Command Order: AUTH TLS, USER, PASS, PBSZ, PROT
  I have imported ftp server certificate into TrustedCAs key store. When the sender adapter tries to connect it receives the error 500 Illegal PORT command when getting files list.
  This is an excerpt of the logs of connection steps:
  #Plain##ftp server returns reply '220 Restricted Access. All Actions are monitored.'#
  #Plain##Detected 'AUTH TLS' command: Preparing TLS/SSL connection upgrade#
  #Plain##'AUTH TLS' successful: Upgrading control channel to TLS/SSL#
  #Plain##ftp server returns reply '234 Proceed with negotiation.'#
  #Plain##ftp server returns reply '331 Please specify the password.'#
  #Plain##ftp server returns reply '230 Login successful.'#
  #Plain##ftp server returns reply '200 PBSZ set to 0.'#
  #Plain##ftp server returns reply '200 PROT now Private.'#
  #Plain##ftp server returns reply '215 UNIX Type: L8'#
  #Plain##ftp server returns reply '200 Switching to ASCII mode.'#
  #Plain##ftp server returns reply '250 Directory successfully changed.'#
  #Plain##ftp server returns reply '500 Illegal PORT command.'#
  Does anybody know how to solve it?
  Thank you in advance!
  Roger Allué i Vall

  Ok! This is the maximum i could obtain:
  Fri Dec 11 15:28:12 2009 [pid 15206] FTP response: Client "10.58.42.108", "220 Restricted Access. All Actions are monitored."
  Fri Dec 11 15:28:12 2009 [pid 15206] FTP command: Client "10.58.42.108", "AUTH TLS"
  Fri Dec 11 15:28:12 2009 [pid 15206] FTP response: Client "10.58.42.108", "234 Proceed with negotiation."
  Fri Dec 11 15:28:12 2009 [pid 15206] FTP command: Client "10.58.42.108", "USER iubsint"
  Fri Dec 11 15:28:12 2009 [pid 15206] [iubsint] FTP response: Client "10.58.42.108", "331 Please specify the password."
  Fri Dec 11 15:28:12 2009 [pid 15206] [iubsint] FTP command: Client "10.58.42.108", "PASS <password>"
  Fri Dec 11 15:28:12 2009 [pid 15205] [iubsint] OK LOGIN: Client "10.58.42.108"
  Fri Dec 11 15:28:12 2009 [pid 15207] [iubsint] FTP response: Client "10.58.42.108", "230 Login successful."
  Fri Dec 11 15:28:12 2009 [pid 15207] [iubsint] FTP command: Client "10.58.42.108", "PBSZ 0"
  Fri Dec 11 15:28:12 2009 [pid 15207] [iubsint] FTP response: Client "10.58.42.108", "200 PBSZ set to 0."
  Fri Dec 11 15:28:12 2009 [pid 15207] [iubsint] FTP command: Client "10.58.42.108", "PROT P"
  Fri Dec 11 15:28:12 2009 [pid 15207] [iubsint] FTP response: Client "10.58.42.108", "200 PROT now Private."
  Fri Dec 11 15:28:12 2009 [pid 15207] [iubsint] FTP command: Client "10.58.42.108", "SYST"
  Fri Dec 11 15:28:12 2009 [pid 15207] [iubsint] FTP response: Client "10.58.42.108", "215 UNIX Type: L8"
  Fri Dec 11 15:28:12 2009 [pid 15207] [iubsint] FTP command: Client "10.58.42.108", "TYPE I"
  Fri Dec 11 15:28:12 2009 [pid 15207] [iubsint] FTP response: Client "10.58.42.108", "200 Switching to Binary mode."
  Fri Dec 11 15:28:12 2009 [pid 15207] [iubsint] FTP command: Client "10.58.42.108", "CWD /interfaces"
  Fri Dec 11 15:28:12 2009 [pid 15207] [iubsint] FTP response: Client "10.58.42.108", "250 Directory successfully changed."
  Fri Dec 11 15:28:12 2009 [pid 15207] [iubsint] FTP command: Client "10.58.42.108", "PORT 10,58,45,108,159,112"
  Fri Dec 11 15:28:12 2009 [pid 15207] [iubsint] FTP response: Client "10.58.42.108", "500 Illegal PORT command."
  I think we found the problem though. FTP Administrator says this is wrong:
  Fri Dec 11 15:28:12 2009 [pid 15207] [iubsint] FTP command: Client "10.58.42.108", "PORT 10,58,45,108,159,112"
  it should be
  Fri Dec 11 15:28:12 2009 [pid 15207] [iubsint] FTP command: Client "10.58.42.108", "PORT 10,58,42,108,159,112"
  Something is making SAP PI to take a wrong ip address (This server has two).
  I'll let you know if we solve it!!
  Thank you!!!

• FTP : 502 Illegal PORT Command

  I'm developing a simple ftp client from the socket level , the program runs just fine in Solaris but not in the window XP. As the program sent a "PORT 10,100,151,180,5,201" to the ftp server (a Solaris) then I get the "502 Illegal PORT Command" reply. This won't happen when it is in Solaris. The ftp provided by win XP works just fine in the same pc. what's wrong with my ftp client program ?
  Pls help
  Samuel

  In terms of the Airport Extreme, is the Mac Mini Server currently set to the default host? If the Mac Mini Server is not currently set to the default host, this needs to be configured as such.
  To set up the Mac Mini Server as the default host on the Airport Extreme:
  1 Open AirPort Utility, select your wireless device, and then choose Manual Setup from the Base Station menu, or double-click the device icon to open its configuration in a separate window. Enter the password if necessary.
  2 Click the Internet button, and then click NAT.
  3 Select the “Enable Default Host at” checkbox if not already checked.
  4 Enter the same IP address of the Mac Mini Server.
  This works

• FTP server: PORT command not supported??

  Hi,
  In a nutshell - we are trying to set up PASV -- PORT connection between a Tiger server (10.4.11) and another system (say it's a windows FTP server). Issuing a PORT command to a Tiger FTP server fails with this error:
  -> PORT 192,168,11,3,199,158
  <- 500 Invalid PORT command
  I have done some research on the web and as far as I can see - this is just a feature that is disabled in Mac OS X ftp server.
  What's strange is that "features" command states that PORT is supported.
  Has anyone seen PORT command work for a Tiger Server ftp daemon?
  Has anyone succeeded enabling this command on a Tiger server?
  Can you recommend another FTP server that works well on a Tiger server?
  Thanks a million,
  Darius

  Passive (PASV) and Port (PORT) mechanisms are orthagonal.
  If you're working with PORT, then you're almost certainly trying to clear through one or more firewalls. And a firewall can also trigger the Illegal Port Command error for a PORT command.
  (Though I don't see a PORT command in the Mac OS X ftp client. I've checked a couple of clients, and it isn't common to expose it.)
  ftp is a mess. Insecure, difficult to configure, insecure, firewall unfriendly, insecure, and slow. And did I mention insecure?
  (No, I'm not a big fan of ftp.)
  Some reading material:
  http://www.cert.org/techtips/ftp_portattacks.html
  http://www.slacksite.com/other/ftp.html
  http://cr.yp.to/ftp/security.html
  As for a suggestion, chuck ftp and switch to sftp.

• How to implement logger in this ftp server

  I have written a FTP Server that is used by the clients to upload xml over to the server.
  Currently it is using a console and it is printing stuff out on a console.
  I have tried a lot to implement a logger class so that all console messages get written to a file.
  But it has not been working out at all.
  I would deeply appreciate if all you java gurus out there could modify the code given below to correctly log messages to a log file.
  Please do Explain if possible ...I will try to rectify this issue in several other applications i developed as well.
  import java.net.*;
  import java.io.*;
  import java.util.*;
  import java.util.Date;
  import java.text.SimpleDateFormat;
  import java.text.DateFormat;
  import java.text.Format;
  import java.lang.Object;
  import java.lang.*;
  import javax.crypto.*;
  import javax.crypto.spec.PBEKeySpec;
  import javax.crypto.spec.PBEParameterSpec;
  import java.security.spec.AlgorithmParameterSpec;
  import java.security.spec.KeySpec;
  public class FTPServer
  {     public static void main(String args[]) throws Exception
       {     ServerSocket soc=new ServerSocket(5217);
            System.out.println("FTP Server Started on Port Number 5217");
            while(true)
                 System.out.println("Waiting for Connection ...");
                 transferfile t=new transferfile(soc.accept());               
  class transferfile extends Thread
       Socket ClientSoc;
       DataInputStream din;
       DataOutputStream dout;     
       transferfile(Socket soc)
       {     try
            {     ClientSoc=soc;                              
                 din=new DataInputStream(ClientSoc.getInputStream());
                 dout=new DataOutputStream(ClientSoc.getOutputStream());
                 System.out.println("FTP Client Connected ...");
                 System.out.println("External IP of Client ..." + ClientSoc.getInetAddress());
                 //System.out.println("FTP Client Connected ..." + ClientSoc.getRemoteSocketAddress());
                 start();               
            catch(Exception ex)
  //encrypto routine starts
  class DesEncrypter {
          Cipher ecipher;
          Cipher dcipher;   
          // 8-byte Salt
          byte[] salt = {
              (byte)0xA9, (byte)0x9B, (byte)0xC8, (byte)0x32,
              (byte)0x56, (byte)0x35, (byte)0xE3, (byte)0x03 };   
          // Iteration count
          int iterationCount = 19;   
         DesEncrypter(String passPhrase) {
              try {
                  // Create the key
                  KeySpec keySpec = new PBEKeySpec(passPhrase.toCharArray(), salt, iterationCount);
                  SecretKey key = SecretKeyFactory.getInstance(
                      "PBEWithMD5AndDES").generateSecret(keySpec);
                  ecipher = Cipher.getInstance(key.getAlgorithm());
                  dcipher = Cipher.getInstance(key.getAlgorithm());   
                  // Prepare the parameter to the ciphers
                  AlgorithmParameterSpec paramSpec = new PBEParameterSpec(salt, iterationCount);   
                  // Create the ciphers
                  ecipher.init(Cipher.ENCRYPT_MODE, key, paramSpec);
                  dcipher.init(Cipher.DECRYPT_MODE, key, paramSpec);
              } catch (java.security.InvalidAlgorithmParameterException e) {
              } catch (java.security.spec.InvalidKeySpecException e) {
              } catch (javax.crypto.NoSuchPaddingException e) {
              } catch (java.security.NoSuchAlgorithmException e) {
              } catch (java.security.InvalidKeyException e) {
          // Buffer used to transport the bytes from one stream to another
          byte[] buf = new byte[1024];   
          public void encrypt(InputStream in, OutputStream out) {
              try {
                  // Bytes written to out will be encrypted
                  out = new CipherOutputStream(out, ecipher);   
                  // Read in the cleartext bytes and write to out to encrypt
                  int numRead = 0;
                  while ((numRead = in.read(buf)) >= 0) {
                      out.write(buf, 0, numRead);
                  out.close();
              } catch (java.io.IOException e) {
          public void decrypt(InputStream in, OutputStream out) {
              try {
                  // Bytes read from in will be decrypted
                  in = new CipherInputStream(in, dcipher);   
                  // Read in the decrypted bytes and write the cleartext to out
                  int numRead = 0;
                  while ((numRead = in.read(buf)) >= 0) {
                      out.write(buf, 0, numRead);
                      //added later on
                      in.close();                    
                  out.close();
              } catch (java.io.IOException e) {
  }     //encryptor routine ends
  //not implemented right now as we arent using the ftp server to download stuff...can be activated later on if we want
       void SendFile() throws Exception
            String filename=din.readUTF();
            File f=new File(filename);
            if(!f.exists())
                 dout.writeUTF("File Not Found");
                 return;
            else
            {     dout.writeUTF("READY");
                 FileInputStream fin=new FileInputStream(f);
                 int ch;
                 do
                      ch=fin.read();
                      dout.writeUTF(String.valueOf(ch));
                 while(ch!=-1);     
                 fin.close();     
                 dout.writeUTF("File Received Successfully");                                   
       String Compare(String filename) throws Exception
                      ///dout.writeUTF("entering compare");
                      String dateTempString=new String();
                      Date dateValue=new Date();
                      SimpleDateFormat formatter = new SimpleDateFormat ("hhmmss");
                      dateTempString = formatter.format(dateValue);
                      File dir1 = new File("C:\\FTPnew");
                      boolean success2 = dir1.mkdir();
                      if (!success2) {
                           // Directory creation failed /Already Exists
                      File dir = new File("C:\\FTPnew\\server");
                      boolean success = dir.mkdir();
                      if (!success) {
                           // Directory creation failed /Already Exists
                      File ftemp=new File(dir,dateTempString + filename);
                      File fnewtemp=new File(dir,"new-enc-"+filename);
                      // Create encrypter/decrypter class
                      DesEncrypter encrypter = new DesEncrypter("My Pass Phrase!");
                      FileOutputStream fout=new FileOutputStream(fnewtemp);     
                      int ch;
                      String temp;
                      do
                      {     temp=din.readUTF();
                           ch=Integer.parseInt(temp);
                           if(ch!=-1)
                                fout.write(ch);                         
                      }while(ch!=-1);
                      fout.close();
                      //dout.writeUTF("written temp en file");
                      // Decrypt
                  encrypter.decrypt(new FileInputStream(fnewtemp),
                  new FileOutputStream(ftemp));
                      //String Option;
                      dout.writeUTF("Delete");                    
                      System.out.println("File Upload Successfull--Duplicate file with timestamp Created");          
                      boolean success1 = fnewtemp.delete();                    
                      return "hello" ;
       void ReceiveFile() throws Exception
            String ip=din.readUTF();
            System.out.println("\tRequest Coming from Internal IP Address : "+ ip);
            String filename=din.readUTF();
            if(filename.compareTo("File not found")==0)
                 return;
            // Destination directory
     File dir11 = new File("C:\\FTPnew");
                      boolean success22 = dir11.mkdir();
                      if (!success22) {
                           // Directory creation failed /Already Exists
                      File dir = new File("C:\\FTPnew\\server");
                      boolean success21 = dir.mkdir();
                      if (!success21) {
                           // Directory creation failed /Already Exists
            File f=new File(dir ,"enc-"+filename);
            File fe=new File(dir,filename);
            String option;
            if(fe.exists())
                 //dout.writeUTF("File Already Exists");
                 String compvalue = Compare(filename);
                 //dout.writeUTF(compvalue);
                 if(compvalue.compareTo("hello")==0)
                      //dout.writeUTF("Transfer Completed");
                      return;
                 option=din.readUTF();
            else
                 //dout.writeUTF("SendFile");
                  option="Y";
                 if(option.compareTo("Y")==0)
                      // Generate a temporary key.       
          // Create encrypter/decrypter class
           DesEncrypter encrypter = new DesEncrypter("My Pass Phrase!");
               FileOutputStream fout=new FileOutputStream(f);                    
                      int ch;
                      String temp;
                      do
                      {     temp=din.readUTF();
                           ch=Integer.parseInt(temp);
                           if(ch!=-1)
                                fout.write(ch);                         
                      }while(ch!=-1);
                      fout.close();                    
                      // Decrypt
                  encrypter.decrypt(new FileInputStream(f),
                  new FileOutputStream(fe));          
                      boolean success2 = f.delete();
                      dout.writeUTF("Delete");
                      System.out.println("File Upload Successfull");                    
                 else
                      return;
       public void run()
            while(true)
                 try
                 String Command=din.readUTF();
                 if(Command.compareTo("SEND")==0)
                      System.out.println("\tSEND Command Received ...");     
                      ReceiveFile();
                      continue;
                 catch(Exception ex)
                      //System.out.println("\tClient Terminated Abnormally ...........");
                      continue;
  }

  Stick a
  Logger log = Logger.getLogger( "me ftp server" );at the top.
  Checn Sys.out.println to log.info( ... )
  Add a logging prefs file.
  http://java.sun.com/j2se/1.4.2/docs/guide/util/logging/overview.html

• Is IOS FTP server rfc959 compliant?

  I'm having some problems getting a Siemens application and a Cisco IOS FTP server communicating. I think it may be because neither has implemented RFC959 correctly. My question to you is about the Cisco IOS server.
  I'm using the Cisco IOS server i.e.:
  ftp-server enable
  ftp-server topdir <whatever>
  I notice that if I use the Microsoft DOS command line FTP client, and issue an 'ls' command to the Cisco IOS FTP server then, among other commands, the relevant FTP command sent by DOS is 'NLST'. According to RFC959 this should send a simple stream of filenames separated by CR/LF and no other information. However DOS displays the fully formatted results i.e. with attributes, dates, file size etc. This is more like what I'd expect from the 'LIST' FTP command.
  So the question is, does the Cisco IOS FTP server comply with RFC959 NLST command? Or am I interpreting things wrong (I haven't done a full protocol analysis yet)?
  IOS is (C1841-BROADBAND-M), Version 12.4(1a).

  According to the following statements,a cisco IOS FTP server complies with RFC 959.
  FTP
  -ether2.ip.tcp.ftp
  File Transfer Protocol Control Port; an FTP client initiates an FTP control connection by sending FTP commands from user port (U) to this port./RFC 959
  The above statement is mentioned in the following URL:
  http://www.cisco.com/en/US/products/sw/cscowork/ps2197/products_quick_reference_guide09186a00800f1ffc.html

• Problem while reading the file from FTP server

  Hi Friends,
  I have a problem while fetching files from FTP server.
  I used FTP_Connect, FTP_COMMAND function modules. I can able to put the files into FTP server.
  but I cant able to pick the files from FTP server.
  anyone have faced similar issues kindly let me know.
  Thanks
  Gowrishankar

  Hi,
  try this way..
  for reading the file using FTP you need to use different unix command ..
  Prabhuda

• Os10.5.8 connection FTP server no popup windows asking for my logging and password

  I'm actually working on mac book pro 10.5.8 and I try to access a FTP server. Finder then command+P and my address. The finder open me two files "Array and Info" but nothing in the Array folder where everything should be. The problem found is that the system is not asking me for my password and login. My friend who is working on 10.6 get this popup windows asking for login and password. Why I don't get this windows on os 10.5.8. 

  find the trick. ftp://name@server

• Zip files from FTP server using BODS 4.1

  HI Friends,
  My requirement: Move zip files from FTP server to Target server using Data services.
  The zip files( variable) are loaded daily into a directory in an FTP server, I need to establish a connection to the FTP server and get the zip files into BODS Environment. Can anyone please list out the steps to get the connection from FTP to BODS?
  My Environment : BODS 4.1 SP1
  Thanks and Regards
  Anil

  Hi Anil,
  We have done similar kind of requirement
  1. Connect FTP server
  2. call Exec command
  3. write simple script move file to whatever your location
  Please let me know
  FYI.. Let me check if get same ATL for you.
  Regards,
  Manoj.

• Port Mapping Filezilla FTP Server

  I just got a new AirPort Extreme Base Station (802.11n). I must say, I'm pleased for the most part. I'm having an issue with remotely connecting to my FTP server inside the network though.
  Setup:
  The whole this is connected as follows:
  Cable Modem - AEBS - Wired Windows PC
  On this windows PC I run an FTP & HTTP server. Both are functioning properly as they always have, both on the localhost and within the network.
  The HTTP protocol is working fine. I have port 80 mapped to my PC's static IP of 10.0.1.100. I can browse my hosted site from a remote PC no problem.
  Yet, from a remote PC I am unable to fully establish FTP communication. I have port 21 mapped to my PC's static IP as well. Communication seems to be happening; the remote PC gets prompted for their username and password. Shortly after (within a timeout time), the FTP server replies that it cannout open the data channel.
  Data:
  Here is the Remote PC's log of the FTP session:
  Status: Connecting to $server.com ...
  Status: Connected with $server.com. Waiting for welcome message...
  Response: 220 $greeting
  Command: USER $username
  Response: 331 Password required for dave
  Command: PASS $pass**
  Response: 230 Logged on
  Command: SYST
  Response: 215 UNIX emulated by FileZilla
  Command: FEAT
  Response: 211-Features:
  Response: MDTM
  Response: REST STREAM
  Response: SIZE
  Response: MLST type;size*;modify;
  Response: MLSD
  Response: UTF8
  Response: CLNT
  Response: 211 End
  Status: Connected
  Status: Retrieving directory listing...
  Command: PWD
  Response: 257 "/" is current directory.
  Command: TYPE A
  Response: 200 Type set to A
  Command: PASV
  Response: 227 Entering Passive Mode (10,0,1,100,16,141)
  Command: LIST
  Response: 425 Can't open data connection.
  Error: Could not retrieve directory listing
  Solutions Attempts:
  I have tried mapping the FTP data port (20) to the server's static IP to no avail. I even went as far as setting the server as the default host (DMZ); this didn't work either.
  Am I looking at a fresh firmware bug here or am I missing anything? Thanks for your help.
  P.S. No changes have been made on the server and every other no name router I've used has successfully port mapped the server; it's definitely the new hardware.
  Windows PC Windows XP Pro
  Windows PC   Windows XP Pro  

  1. Try to connect to your FTP-Server in AKTIVE-Mode,
  it's a setting in your FTP-Client
  Most all FTP clients are defaulted to passive mode, and I want to connect without asking all users to change their settings.
  Previous routers did not require anything like this, why would this new base station obfuscate the setup?
  2. Don't use the same AirportXtrem internet
  connection (for testing your FTP-Service) where is
  your FTP-Server behind. I don't know why, when I try
  to establish a connection I could not go out and come
  back through my AXtrem on the same way.
  Try it with a Modem, UMTS or with another internet
  connection.
  I don't know exactly what you're talking about. Please explain better or with more details.
  Windows PC Windows XP Pro

• Can not connect to Cerberus FTP Server with PASV

  I setup a FTP Server and i can connect from the inside fine but from the outside i can not connect in passive mode. I can in regular ftp or ssh.
  Here is the log from filezilla
  Status:          Resolving address of domain.com
  Status:          Connecting to ExternalIP:990...
  Status:          Connection established, initializing TLS...
  Status:          Verifying certificate...
  Status:          TLS/SSL connection established, waiting for welcome message...
  Response:          220-220-Welcome to Cerberus FTP Server
  Response:          220 220 Created by Cerberus, LLC
  Command:          USER test
  Response:          331 User test, password please
  Command:          PASS ***********
  Response:          230 Password Ok, User logged in
  Command:          CLNT FileZilla
  Response:          200 Command okay
  Command:          OPTS UTF8 ON
  Response:          220 UTF8 support on
  Command:          PBSZ 0
  Response:          200 PBSZ=0
  Command:          PROT P
  Response:          200 PROT P OK, data channel will be secured
  Status:          Connected
  Status:          Retrieving directory listing...
  Command:          PWD
  Response:          257 "/" is the current directory
  Command:          TYPE I
  Response:          200 Type Binary
  Command:          PASV
  Response:          227 Entering Passive Mode (external IP,195,83)
  Command:          MLSD
  Error:          Connection timed out
  Error:          Failed to retrieve directory listing
  Result of the command: "show running-config"
  : Saved
  ASA Version 8.0(4)
  interface Vlan1
  nameif inside
  security-level 100
  ip address 192.168.10.10 255.255.255.0
  interface Vlan2
  nameif outside
  security-level 0
  pppoe client vpdn group att
  ip address pppoe setroute
  interface Ethernet0/0
  switchport access vlan 2
  interface Ethernet0/1
  interface Ethernet0/2
  interface Ethernet0/3
  interface Ethernet0/4
  interface Ethernet0/5
  interface Ethernet0/6
  interface Ethernet0/7
  ftp mode passive
  clock timezone CST -6
  clock summer-time CDT recurring
  object-group service RDP tcp
  description RDP
  port-object eq 3389
  object-group service FTP_PASV_Ports tcp
  description Passive Ports
  port-object range 35000 35999
  object-group service FTPS tcp
  description FTPS
  port-object eq 990
  access-list outside_access_in extended permit tcp any any object-group RDP
  access-list outside_access_in extended permit icmp any any
  access-list outside_access_in extended permit tcp any any eq ftp
  access-list outside_access_in extended permit tcp any any eq telnet
  access-list outside_access_in extended permit tcp any any eq smtp
  access-list outside_access_in extended permit tcp any any eq www
  access-list outside_access_in extended permit tcp any any eq pop3
  access-list outside_access_in extended permit tcp any any eq https
  access-list outside_access_in remark passive FTP port range
  access-list outside_access_in extended permit tcp any host server object-group FTP_PASV_Ports
  access-list outside_access_in extended permit tcp any any eq ssh
  access-list outside_access_in extended permit tcp any any object-group FTPS
  access-list outside_access_in extended permit tcp any any eq ftp-data
  pager lines 24
  logging enable
  logging asdm informational
  mtu inside 1500
  mtu outside 1492
  icmp unreachable rate-limit 1 burst-size 1
  asdm image disk0:/asdm-621.bin
  no asdm history enable
  arp timeout 14400
  global (outside) 1 interface
  nat (inside) 1 0.0.0.0 0.0.0.0
  static (inside,outside) tcp interface www server www netmask 255.255.255.255
  static (inside,outside) tcp interface https server https netmask 255.255.255.255
  static (inside,outside) tcp interface smtp server smtp netmask 255.255.255.255
  static (inside,outside) tcp interface 3389 server 3389 netmask 255.255.255.255
  static (inside,outside) tcp interface pop3 server pop3 netmask 255.255.255.255
  static (inside,outside) tcp interface ftp server ftp netmask 255.255.255.255
  static (inside,outside) tcp interface ssh server ssh netmask 255.255.255.255
  static (inside,outside) tcp interface 990 server 990 netmask 255.255.255.255
  static (inside,outside) tcp interface ftp-data server ftp-data netmask 255.255.255.255
  access-group outside_access_in in interface outside
  timeout xlate 3:00:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  dynamic-access-policy-record DfltAccessPolicy
  http server enable
  http 192.168.10.0 255.255.255.0 inside
  no snmp-server location
  no snmp-server contact
  snmp-server enable traps snmp authentication linkup linkdown coldstart
  crypto ipsec security-association lifetime seconds 28800
  crypto ipsec security-association lifetime kilobytes 4608000
  telnet 0.0.0.0 0.0.0.0 inside
  telnet timeout 5
  ssh 192.168.10.0 255.255.255.0 inside
  ssh timeout 5
  console timeout 0
  vpdn group att request dialout pppoe
  vpdn group att localname @static.sbcglobal.net
  vpdn group att ppp authentication pap
  vpdn username @static.sbcglobal.net password *********
  dhcpd auto_config outside
  threat-detection basic-threat
  threat-detection statistics access-list
  no threat-detection statistics tcp-intercept
  username admin password rcuFiQnIXLd encrypted privilege 15
  class-map inspection_default
  match default-inspection-traffic
  policy-map type inspect dns preset_dns_map
  parameters
    message-length maximum 512
  policy-map global_policy
  class inspection_default
    inspect dns preset_dns_map
    inspect h323 h225
    inspect h323 ras
    inspect rsh
    inspect rtsp
    inspect esmtp
    inspect sqlnet
    inspect skinny 
    inspect sunrpc
    inspect xdmcp
    inspect sip 
    inspect netbios
    inspect tftp
    inspect ftp
  service-policy global_policy global
  prompt hostname context
  Cryptochecksum:ecb5356a2f5e680b
  : end
  I am programing the router with ASDM so if you could tell me what i need to do from the GUI to fix this.

  Dan,
  Looking at the output,
  Status:          Resolving address of domain.com
  Status:          Connecting to ExternalIP:990...
  Status:          Connection established, initializing TLS...
  Status:          Verifying certificate...
  Status:          TLS/SSL connection established, waiting for welcome message...
  This looks like FTPS which is not supported on the ASA. You can workaround it by trying to connect using Active mode from the outside instead of PSV.
  You can find more info here:
  https://supportforums.cisco.com/docs/DOC-23206
  Mike

• How to connect to an FTP server via Midnight Commander _User_Menu_?

  Hi everyone.
  There's a nifty command that works in MC and makes it connect to an FTP server and display its directories just as if they were local ones: cd ftp://USER_LOGIN@SERVER_NAME. The only thing it asks for is a password, obviously. That's exactly what i'm looking for, theoretically.
  I know it's not really a standard Bash command, because if invoked outside MC, it returns an error (directory not found).
  I got kind of tired of typing it in (or copypasting it) every time, so i thought why not make it automatic? A Bash alias or a shell script wouldn't work, because as i said, it's not really a bash command.
  But what surprised me was that it didn't work as an entry in MC's menu, too.
  Tried to go another way, discovered kftp, apparently it's completely not what i am looking for.
  And i didn't even understand what F9 > Left > FTP Link in MC did. It isn't automatic as well anyway, i have to type everything in manually.
  Can anyone advise how to automate FTP connection in MC, or even in Bash (so that MC just treats it like a regular directory)?
  Big thanks in advance.
  Last edited by kiruch (2010-07-04 20:53:44)

  kiruch wrote:mcsilva, here are the contents of my ~/.netrc file: machine ftp.0fees.net login MYLOGIN password MYPWD
  When i invoke cd ftp://ftp.0fees.net, it tells me bash: cd: ftp://ftp.0fees.net: No such file or directory
  This is not the correct way. You are using bash command line. For this to work it must be:
  # mc cd ftp://ftp.0fees.net
  kiruch wrote:When i invoke it as an entry of MC's menu (what i'm aiming for), i get /tmp/mc-cyril/mcusr6BWdYd: line 2: cd: ftp://ftp.0fees.net: No such file or directory - well, basically the same.
  I don't know what do you mean by "invoke an entry of MC's menu",
  Is this:
  Left->FTP link or Right->FTP link ?
  kiruch wrote:And finally, if i type cd ftp://ftp.0fees.net manually into MC's command prompt, i get a red alert message that says Cannot chdir to "ftp://ftp.0fees.net". Input/output error (5)
  In the first post you said you were able to login with "cd ftp://USER_LOGIN@SERVER_NAME", so MC is working well.
  This error you showed is the same which I have when I type "cd ftp.0fees.net" in the MC command prompt (maybe you typed wrong...)
  Instead, when I try "cd ftp://ftp.0fees.net" the popup error is:  "ftpfs: Login incorrect for user anonymous"
  This is what I expected, because I don't have the username and password and I'm trying a anonymous login.
  Are you sure your typing is right? Please, check your typing and try again.

• Getting remote file using FTP Server Issue in OSB

  Hi Guys,
  I have configured a FTP server on my local system and I created a proxy service to get file from ftp location to some other location but it fails . I used ftp protocol for getting file
  and my ftp location is D:\host\ftp and it has another folder called osb . I used ftp as protocol and EndPointURI is ftp://localhost/. It fails to get files and shows error message like
  com.bea.wli.sb.transports.TransportException: <user:osb>Unable to list files for
  directory: .
  at com.bea.wli.sb.transports.ftp.connector.FTPWorkPartitioningAgent.exec
  ute(FTPWorkPartitioningAgent.java:218)
  In case of Business Service, writing a file to ftp location (i.e ftp://localhost/ means D:\host\ftp\osb) working.
  I used service account for both proxy,BS to connect . osb is username and same as password.
  Can Any one please suggest me How to solve this issue?
  Thanks,
  Srinivas.
  Edited by: 863597 on May 22, 2012 1:06 AM

  Hi Vijay Thank you,
  Can we do the pooling directly using FTP protocol like JMS protocol in OSB with out using FTP JCA Adapter.I did in such a way but it fails. For pooling files the mentioned endpoint uri is as ftp://localhost/ and it actual path is D:\host\ftp and ftp has another folder called osb here i have to get the files from this osb Can any one suggest me if there is any problem with the ftp protocol end point.
  Thank You,
  Srinivas.

• Yosemite 10.10.2 server app. FTP help. I have a program running in my local server enviroment that wants to FTP to my mac folder. It asks for the server , name, password, port and path. what are they?

  So I have set up a localhost area in my Mac. I have the new server.app and I am running yosemite 10.10.2 .
  I have a program running in my local server enviroment that wants to FTP to my mac .
  It asks for the server , name, password, port and path. what are they?
  I am pretty certain that the Serveris "localhost",
  Name is my macs name (like my-mac-min)
  password is "my login password"
  and they suggest port 21.
  But what is the file path, lets just say my site is set up http://localhost/siteftp and is actually at my Users/Sites/siteftp folder.
  Why cant this program connect to the mac.
  Is it because they are both operating in the same localhost enviroment,
  could it be my folder permissions are not correct on siteftp folder?
  Help please !

  I tried turning the computer off and then back on. The alerts don't show the notice to update as resolved. Hopefully this is not a problem or an indicator or another problem. Should I ignore or reload 10.10.1 from the app store to trigger a resolved check in a green circle?
  Interesting that I had to buy server software after my free Yosemite download. I would have hoped that the two pieces of software would have gone together without any complication. It is not positive to end up buying a problem. Ah well, time to move on.