Questions

Client can't connect to Filezilla Server

+
0 Votes
Locked

Client can't connect to Filezilla Server

stepsimon
Or anyone else for that matter.
I have a rule in my Symantec Endpoint Protection to open ports 20 and 21 to tcp as well as allowing traffic for the specific Filezilla server application.

When I run netstat -aon | more I can see that the PID for Filezilla is listening on the port

But, when I try to connect from inside the LAN the connection times out.

When I use a port checker tool like: http://www.canyouseeme.org/

It can't find port 21.

Any help would be appreciated.
  • +
    0 Votes
    robo_dev

    Active uses:
    FTP server's port 21 from anywhere (Client initiates connection)
    FTP server's port 21 to ports > 1023 (Server responds to client's control port)
    FTP server's port 20 to ports > 1023 (Server initiates data connection to client's data port)
    FTP server's port 20 from ports > 1023 (Client sends ACKs to server's data port)

    Passive uses:
    FTP server's port 21 from anywhere (Client initiates connection)
    FTP server's port 21 to ports > 1023 (Server responds to client's control port)
    FTP server's ports > 1023 from anywhere (Client initiates data connection to random port specified by server)
    FTP server's ports > 1023 to remote ports > 1023 (Server sends ACKs (and data) to client's data port)

    Of course you can set one or the other, or both in client or server

    +
    0 Votes
    Rob Kuhn

    If not mistaken, Filezilla also has a local monitoring/status which also shows in real time what is going on; shows who is connected, what someone is doing, attempted logins, etc. Things from the log file it generates.

    When I connection is attempted is anything showing up on the log or status screen?

    If you're on the server itself, can drop to a command window (I assume it's a Win box?) and just do an ftp o localhost -- if not, try disabling SEP and try again. If can with SEP disabled then you have to look at your SEP settings. If you can't connect then you have to look at your Filezilla settings.

    FWIW, I ran a Filezilla FTP server a couple of years ago and it was pretty simple. I had it on the outside of my coporate firewall with SEP v13.x installed. It wasn't a big installation - just 3-4 accounts and 2 groups. It was a pretty low maintenance site and very fast. :)

  • +
    0 Votes
    robo_dev

    Active uses:
    FTP server's port 21 from anywhere (Client initiates connection)
    FTP server's port 21 to ports > 1023 (Server responds to client's control port)
    FTP server's port 20 to ports > 1023 (Server initiates data connection to client's data port)
    FTP server's port 20 from ports > 1023 (Client sends ACKs to server's data port)

    Passive uses:
    FTP server's port 21 from anywhere (Client initiates connection)
    FTP server's port 21 to ports > 1023 (Server responds to client's control port)
    FTP server's ports > 1023 from anywhere (Client initiates data connection to random port specified by server)
    FTP server's ports > 1023 to remote ports > 1023 (Server sends ACKs (and data) to client's data port)

    Of course you can set one or the other, or both in client or server

    +
    0 Votes
    Rob Kuhn

    If not mistaken, Filezilla also has a local monitoring/status which also shows in real time what is going on; shows who is connected, what someone is doing, attempted logins, etc. Things from the log file it generates.

    When I connection is attempted is anything showing up on the log or status screen?

    If you're on the server itself, can drop to a command window (I assume it's a Win box?) and just do an ftp o localhost -- if not, try disabling SEP and try again. If can with SEP disabled then you have to look at your SEP settings. If you can't connect then you have to look at your Filezilla settings.

    FWIW, I ran a Filezilla FTP server a couple of years ago and it was pretty simple. I had it on the outside of my coporate firewall with SEP v13.x installed. It wasn't a big installation - just 3-4 accounts and 2 groups. It was a pretty low maintenance site and very fast. :)