Menu
Reply
  • 6
  • 0
  • 0
prids
Joining in
315 Views
Message 1 of 11
Flag for a moderator

FTP and 'port listening'

Hi,

How can I set up my router to accept incoming on ports 6000 - 7000?

I have this weird problem that has developed only over the last few days.

When I connect as usual to my various websites to upload files over FTP some files upload, others fail.

Typically, I receive an error message at some stage "There was a problem connecting to your host or proxy. Please check your server settings and try again. If you are sure you have entered the correct information, please contact your network administrator or the server administrator. [7] Additional information: couldn't connect to host."

I have spent over an hour on this with my hosting providers, and many hours trying to upload files one by one.  No joy at all.  They say it is my ISP problem, when at the end of the day that is always their 'stock' answer.

However, having done quite a bit of research on this now, using a troubleshooter at filezilla (not my usual FTP client) all of my sites fail; as a 'listening socket' cannot be contacted.  All my sites now fail also on my usual FTP clients.  Something has changed, and I have no idea what.

I will appreciate any help or advice.  I do IT support in my spare time, so this is a rather embarrassing question to ask!

Cheers, and Merry Christmas,

Paul

0 Kudos
Reply
  • 13.62K
  • 720
  • 4.71K
Superuser
Superuser
309 Views
Message 2 of 11
Flag for a moderator

Re: FTP and 'port listening'

I'd double check your FTP client to make sure it's only using Passive mode to download.  Because the only time you need inbound ports open like that is when you are doing FTP in Active mode.

Ravenstar68

 

________________________________________


Only use Helpful answer if your problems been solved.

0 Kudos
Reply
  • 6
  • 0
  • 0
prids
Joining in
291 Views
Message 3 of 11
Flag for a moderator

Re: FTP and 'port listening'

Thanks for your help.  

Yes I always select passive mode  It's weird, I can browse the site in a browser using ftp:// and entering username and password but get kicked out randomly in FTP clients or get a string of upload errors, only a few files actually getting there if I manage to get logged in at all.

The Hosts say 'We can access it no trouble, so it's your ISP problem'.  A tracert reveals quite a few timeouts, that may be the issue.

Thanks again.

Tracert with destination blankedTracert with destination blanked

0 Kudos
Reply
  • 13.62K
  • 720
  • 4.71K
Superuser
Superuser
285 Views
Message 4 of 11
Flag for a moderator

Re: FTP and 'port listening'

There is no value in blanking out the address of the FTP server.

Hackers will already know it, as

1. It's advertised by the hosting provider.
2. They run scripts from botnets that look for open ports consistent with FTP, SMTP, SSH and more, so they will already have it marked within hours of it going online.

Regarding the tracert, there's no issue with that.  Timeout's mid route can be caused when a node does not accept ICMP pings.  If tracing over TCP you can get a similar result as well.

If you are running passive mode then port forwarding isn't going to help.  I'll explain why.

In Passive mode the FTP client makes outbound connections to both the control ports and the data ports.

What happens in a nutshell

FTP client connects to port 21 in the server and does initial handshake and logging on.
FTP client then sends out the command PASSV
FTP server responds from port 21 with the following information - IP address of server, DATA port number.
FTP client then initiates an additional outbound connection to the DATA port

Note that both Control and Data connections are made outbound from the client to the server.  NAT therefore is not an issue and port forwarding is pointless.

Ravenstar68

Edit based on the above I would say that while the server is allowing control connection on port 21, when it creates a listening socket and sends back the information, Filezilla isn't connecting to that socket.

Knowing what was sent back in response to the PASSV command might provide a clue.

 

________________________________________


Only use Helpful answer if your problems been solved.

0 Kudos
Reply
  • 9.86K
  • 322
  • 852
legacy1
Hero
274 Views
Message 5 of 11
Flag for a moderator

Re: FTP and 'port listening'

The super hub and hub have short connection for being stateful so you likely need keep alive on for your client. You can test this in modem mode with a PC to the modem mode port and see.

0 Kudos
Reply
  • 13.62K
  • 720
  • 4.71K
Superuser
Superuser
250 Views
Message 6 of 11
Flag for a moderator

Re: FTP and 'port listening'

@prids

'listening socket' cannot be contacted - reminds me of a problem I had when I set up IIS and it's ftp server component.

I used Filezilla and found the following

Connecting from within my LAN - Filezilla would connect to the server and download/Upload files.
Connecting from outside my LAN Filezilla would connect to the server but wouldn't be able to get directory listings etc?

Sound familiar?

In my case it was because although I'd port forwarded port 21 (the control port) to the server , I hadn't port forwarded the data port range.  This meant my server was sending back the data port to the client, but when the client tried to connect, the connection was dropped by the Superhub.  When I port forwarded the passive range the issue was resolved.

Note I did say you didn't need port forwarding earlier.  I stand by this.  In this situation I was opening ports for my server and not my client.  I've never had to port forward when connecting a client to external FTP servers in passive mode.

Because of the above, I believe the issue is more likely to be on the server end.  Although there is one setting you can check on the client

Click Edit->Settings and under FTP check the following under passive mode

passiveoptions.JPG

Make sure the above setting is selected.

Turning the logging option to Verbose may yield additional information which could be useful in solving this.

Finally you mention you are getting this with all your sites - are they all hosted in the same place.

________________________________________


Only use Helpful answer if your problems been solved.

0 Kudos
Reply
  • 6
  • 0
  • 0
prids
Joining in
243 Views
Message 7 of 11
Flag for a moderator

Re: FTP and 'port listening'

Hi Ravenstar68,

Thank you very much indeed for the time that you are spending on my issue.

I must admit that I have not yet tried this from outside my LAN.  It has always worked perfectly well within before.  I have several domains, all with the same host, but under different hosting accounts.  The particular one that brought this to attention is on a dedicated IP with SSL, if that makes any difference.  I have now found that the others suffer the same issue.  So my current plan is to change hosts.

I had been carefully through all the Filezilla options, particularly the one as you suggest, but with no joy.  I did have some better success with Core FTP (Free Edition) as it seemed much more successful in re-establishing connection, and it is very quick and easy to re-designate a file from 'failed' to 'pending', but the connection still repeatedly times out.  Some of my files find their mark, some just do not.

My conclusion is that this is a server issue, although the hosts deny it; yet I can still log into my cpanel > File Manger and upload the files one by one with no problem, no time outs, no disconnections.  Jolly tedious, but it does work.

For general info I have used Coffee Cup Direct FTP for years with no problem, similarly a built in FTP in a program Simfatic Forms which I use very often.

All of my activities with this are for social or charitable arrangements, so it is very irritating when the tech fails and I cannot figure out why!

Thanks again for your most valuable help, and I wish you and yours a great Christmas!

Cheers

Paul

0 Kudos
Reply
  • 6
  • 0
  • 0
prids
Joining in
242 Views
Message 8 of 11
Flag for a moderator

Re: FTP and 'port listening'

Thanks legacy1,

I have not followed through on your suggestions as McAfee did not like the website link, and I am very reluctant to run the other script without knowing more about it.

Sorry, but a bit (actually very) paranoid in that respect.

In any event, thank you for taking the time to think about this and reply.

All the best and Happy Christmas,

Paul

 

0 Kudos
Reply
  • 13.62K
  • 720
  • 4.71K
Superuser
Superuser
238 Views
Message 9 of 11
Flag for a moderator

Re: FTP and 'port listening'

Can you post the actual logs of the FTP exchange - obviously not your password and username though?

It often sheds more light if we can see exactly what's happening when the client and server are talking.

________________________________________


Only use Helpful answer if your problems been solved.

0 Kudos
Reply
  • 9.86K
  • 322
  • 852
legacy1
Hero
215 Views
Message 10 of 11
Flag for a moderator

Re: FTP and 'port listening'


prids wrote:

Thanks legacy1,

I have not followed through on your suggestions as McAfee did not like the website link, and I am very reluctant to run the other script without knowing more about it.

Sorry, but a bit (actually very) paranoid in that respect.

In any event, thank you for taking the time to think about this and reply.

All the best and Happy Christmas,

Paul

 


Did you not read my post right or something?

 

 

0 Kudos
Reply