FTP Passive mode error

English support forum

Moderators: white, Hacker, petermad, Stefan2

Post Reply
PJ
New Member
New Member
Posts: 1
Joined: 2016-10-12, 14:13 UTC
Location: Verzuolo (CN) - Italy

FTP Passive mode error

Post by *PJ »

Dear all,
I read some post about my problem but any answer daoesn't help me.
I'm using Total Commander (x64) v8.51a
Here what's happen to my ftp connection (log file):
----------
Connect to: (12/10/2016 15:54:04)
hostname=95.242.90.116
username=pierpaolo
startdir=arr/Office
95.242.90.116=95.242.90.116
220 192.168.1.100 FTP server ready
USER gino
331 Password required for pierpaolo
PASS ***********
230 User gino logged in
SYST
215 UNIX Type: L8
FEAT
211-Features:
MDTM
MFMT
TVFS
AUTH TLS
MFF modify;UNIX.group;UNIX.mode;
MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;
LANG en-US*
PBSZ
PROT
REST STREAM
SIZE
211 End
OPTS UTF8 ON
451 Unable to accept OPTS UTF8
CWD arr/Office
250 CWD command successful
Connect ok!
PWD
257 "arr/Office" is the current directory
Lettura cartella
TYPE A
200 Type set to A
PASV
227 Entering Passive Mode (192,168,1,100,184,81).
Server reports local IP -> Redirect to: 95.242.90.116
PORT 192,168,1,3,195,150
500 PORT/EPRT (Active Mode/Extended Active Mode) is not supported. Use PASV/EPSV instead of this
QUIT
221 Goodbye.
----------

Followind suggestions I verify windows firewall, the antivirus and I also set SpercialFlags=1024 in wcx_ftp.ini.
Nothing works. :cry:
Could You help me?
Thanks ad Best Regards
PJ[/b]
User avatar
ghisler(Author)
Site Admin
Site Admin
Posts: 48021
Joined: 2003-02-04, 09:46 UTC
Location: Switzerland
Contact:

Post by *ghisler(Author) »

As the log suggests, try using passive mode:

Ctrl+F - Edit connection - Passive mode.
Author of Total Commander
https://www.ghisler.com
Sob
Power Member
Power Member
Posts: 941
Joined: 2005-01-19, 17:33 UTC

Post by *Sob »

If you're connecting to 95.242.90.116 and server returns 192.168.1.100 for passive transfers, you can be 99.9% sure it's misconfigured. TC tries to connect to the original public address instead, which might sometimes work, but not always. You need to fix server configuration (or tell someone else to fix it, if it's not your server) and then you won't have problems.
User avatar
wanderer
Power Member
Power Member
Posts: 1575
Joined: 2003-03-28, 14:35 UTC
Location: Sol

Post by *wanderer »

I think i have a similar problem. I'm connecting via TC/ftps to my provider. As soon as i check SSL/TLS in TC, it automatically checks Passive mode too. When i try to connect, i receive the following:
221 Logout.
----------
SSL: Libraries loaded OK! C:\Windows\system32\libeay32.dll
Connect to: (19/05/2017 10:21:46)
hostname=<MY HOSTNAME>
username=<MY USERID>
startdir=
<MY HOSTNAME>=<MY HOSTNAME IP>
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 03:26. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
AUTH TLS
234 AUTH TLS OK.
Method: TLSv1.2
Cert subject: <BLAH>
Cert issuer: <BLAH>
Chain verification: Subject: <BLAH>
Chain verification: Subject: <BLAH>
Chain verification (2): OK
USER <MY USERID>
331 User <MY USERID> OK. Password required
PASS ***********
230 OK. Current restricted directory is /
SYST
215 UNIX Type: L8
FEAT
211-Extensions supported:
EPRT
IDLE
MDTM
SIZE
MFMT
REST STREAM
MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
MLSD
AUTH TLS
PBSZ
PROT
UTF8
TVFS
ESTA
PASV
EPSV
SPSV
ESTP
211 End.
PBSZ 0
200 PBSZ=0
PROT P
200 Data protection level set to "private"
OPTS UTF8 ON
200 OK, UTF-8 enabled
Connect ok!
PWD
257 "/" is your current location
Get directory
TYPE A
200 TYPE is now ASCII
PORT 127,0,0,1,201,163
500 I won't open a connection to 127.0.0.1 (only to <MY PUBLIC IP>)
PASV
227 Entering Passive Mode (<BLAH>)
PORT 127,0,0,1,201,169
500 I won't open a connection to 127.0.0.1 (only to <MY PUBLIC IP>)
If i remove SSL and uncheck Passive mode, it works fine. So...

1. If i select SSL and unselect Passive mode, TC insists on sending PASV to the server. Is this normal?

2. Is there something my provider should do? Should i just send them this log and they'll fix it or it's a TC thing?
- Wanderer -

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Normally using latest TC on:
x32: WinXPx32 SP3
x64: Clients/Servers from Win7 to Win11 and Win2K12Srv to Win2K22Srv, mainly Win10 though.
User avatar
ghisler(Author)
Site Admin
Site Admin
Posts: 48021
Joined: 2003-02-04, 09:46 UTC
Location: Switzerland
Contact:

Post by *ghisler(Author) »

FTP via SSL requires passive mode, otherwise it wouldn't go through the firewall. Apparently you have unchecked passive mode, making TC try to use PORT mode - which fails due to the internal address given.

What you need to do on the server:
1. Set a passive port range in the FTP server, at least 1000 ports, e.g. 10000-11000.
2. Allow that same port range as incoming ports in the firewall.
Author of Total Commander
https://www.ghisler.com
Post Reply