FTP drops connection on "ls" command

Conventions: xyz server = FTP server giving me problems. Username = me. Problem is on my
"home" pc.

Nature of problem: Have been successfully using an FTP site that I have access to for several years. I didn't need to log in for a month or two, and when I tried to access it a week or so ago I started having problems.

Here is what I know: I can log in to server successfully, but when an "ls" or "list" command is
issued, FTP connection hangs and then drops (see log files). I can access other FTP sites from my
home pc with no problem. Can access xyz.com FTP site from other pc's in my home (on same
subnet) so no problem at router level I assume? Can also FTP to xyz.com from work successfully.
Have tried various FTP clients (SmartFTP, DirectFTP, command line, etc.) same result with all. Have
toggled "passive" mode on and off: get different error messages, but same result. Have spoken with
server admin who says there were no known server issues/changes. Had ZoneAlarm firewall running
for long period on home pc with no known issues. Uninstalled ZoneAlarm, just to see what
happened got same result from FTP server. Have suspended a/v, run winsockxpfix, tested extensively, all to no avail. Would appreciate ANY tips or suggestions of what to try next. Seems to be some kind of PORT issue, but I'm not technical enough to tell for sure?

Whatever the problem is, it is unique to the server xyz.com from my home pc? Sorry to be so
longwinded, but it's driving me nuts.

gris2901



*******************************************************************************

Successful connection log below:
Initiated from Username work pc to xyz server with passive mode disabled.

Connecting to www.xyz.com 12/2/2005 8:56:35 PM
220 (vsFTPd 1.2.1)
USER username

331 Please specify the password.
PASS ****
230-Username -
230-
230-This is your home directory.
230-I will set you up a web server shortly.
230-
230-
230-
230-
230-
230-
230 Login successful.
FEAT

211-Features:
MDTM
REST STREAM
SIZE
211 End
PWD

257 "/home/username"
TYPE A

200 Switching to ASCII mode.
CWD /home/username

250 Directory successfully changed.
PORT 192,168,16,21,14,199

200 PORT command successful. Consider using PASV.
LIST -a

150 Here comes the directory listing.
226 Directory send OK.
TYPE A

200 Switching to ASCII mode.
CWD /home/username

250 Directory successfully changed.
PORT 192,168,16,21,14,200

200 PORT command successful. Consider using PASV.
LIST -a

150 Here comes the directory listing.
226 Directory send OK.


**************************************************************************

Successful connection log below:
Initiated from Username home pc to ftp.smartftp.com server (anonymous) with passive
mode enabled.


Connecting to ftp.smartftp.com 12/3/2005 8:35:11 AM
220-SmartFTP Server
220 service ready
USER anonymous

331 User name okay, need password.
PASS ****
230 User logged in, proceed.
FEAT

211-Extensions supported:
SIZE
REST
MDTM
AUTH TLS
AUTH SSL
PBSZ
PROT
CLNT
SSCN
XCRC
XMD5
XSHA1
EPRT
EPSV
MODE Z
MLST type*;size*;modify*;create*;perm*;unix.owner;unix.group;windows.lastaccesstime;win32.ea;
UTF8
211 END
PWD

257 "/" is the current directory
TYPE A

200 Command okay.
MODE Z

200 Command Ok.
OPTS MODE Z LEVEL 6

200 MODE Z LEVEL set to 6
CWD /

250 Requested file action okay, completed.
PASV

227 Entering Passive Mode (213,144,155,6,62,207)
LIST -a

150 File status okay; about to open data connection.
226 Closing data connection. Transfer Complete (104 bytes)
TYPE A

200 Command okay.
CWD /

250 Requested file action okay, completed.
PASV

227 Entering Passive Mode (213,144,155,6,62,190)
LIST -a

150 File status okay; about to open data connection.
226 Closing data connection. Transfer Complete (104 bytes)


********************************************************************************

Failed connection log below:
Initiated from Username home pc to xyz server with passive mode disabled.

Connecting to www.xyz.com 12/2/2005 10:56:41 PM
220 (vsFTPd 1.2.1)
USER username

331 Please specify the password.
PASS ****
230-Username -
230-
230-This is your home directory.
230-I will set you up a web server shortly.
230-
230-
230-
230-
230-
230-
230 Login successful.
FEAT

211-Features:
MDTM
REST STREAM
SIZE
211 End
PWD

257 "/home/username"
TYPE A

200 Switching to ASCII mode.
CWD /home/username

250 Directory successfully changed.
PORT 192,168,0,6,8,46

200 PORT command successful. Consider using PASV.
LIST -a

425 Failed to establish connection.
ERROR 40425 Failed to establish connection.
TYPE A

200 Switching to ASCII mode.
CWD /home/username

250 Directory successfully changed.
PORT 192,168,0,6,8,48

200 PORT command successful. Consider using PASV.
LIST -a

425 Failed to establish connection.
ERROR 40425 Failed to establish connection.


**********************************************************************************

Failed connection log below:
Initiated from Username home pc with passive mode enabled.

Connecting to www.xyz.com 12/2/2005 11:40:20 PM
220 (vsFTPd 1.2.1)
USER username

331 Please specify the password.
PASS ****
230-Username -
230-
230-This is your home directory.
230-I will set you up a web server shortly.
230-
230-
230-
230-
230-
230-
230 Login successful.
FEAT

211-Features:
MDTM
REST STREAM
SIZE
211 End
PWD

257 "/home/username"
TYPE A

200 Switching to ASCII mode.
CWD /home/username

250 Directory successfully changed.
PASV

227 Entering Passive Mode (64,6,42,21,244,144)
ERROR 10060 Data Socket: The current connection has timeout.
TYPE A

200 Switching to ASCII mode.
CWD /home/username

250 Directory successfully changed.
PASV

227 Entering Passive Mode (64,6,42,21,216,118)
ERROR 10060 Data Socket: The current connection has timeout.

***********************************************************************

If you have read this far in these log files, thank you very much and God bless you.

There are two options:

1) You connect in active mode. This requires you to configure some port forwarding: Go to Tools -> Settings, Connection. Choose to limit the port range to e.g. 6000 - 7000, and forward that port range via NAT to your PC in your router / firewall / DSL-modem. Alternatively, you could try to limit the port range and enable UPNP (in the checkbox below) if your router supports UPNP.

2) You connect in passive mode. This requires the server administrator to make some changes to his firewall / router. For vsFTPd, he needs to adjust the pasv_min_port / pasv_max_port values in vsftpd.conf and forward these ports through his firewall to the server.

thanks very much for reply and information eyebex. This is exactly the type specific information I've been looking for. Appreciate your taking time to answer.

I am wondering why it is that another pc on the same subnet as mine has no problems accessing the ftp site giving me problems without doing port forwarding?

thanks again,

gris2901

Maybe on that PC UPNP is used to do port forwarding automatically?

I agree the term "Server IP Address" is really misleading here, as you should enter your local subnet IP (and not the FTP server's IP). NETGEAR just assumes that you are running a server yourself (which is also a common reason to do port forwarding), so they call your PC a server.

I would suggest to "Add a Custom Service" called "FTP_CLIENT" which forwards ports 6000 to 7000 to e.g. 192.168.0.6 (your local subnet IP). Remeber to enter the same IP range in SmartFTP under Tools -> Settings, Connection.

I agree the term "Server IP Address" is really misleading here, as you should enter your local subnet IP (and not the FTP server's IP). NETGEAR just assumes that you are running a server yourself (which is also a common reason to do port forwarding), so they call your PC a server.

I would suggest to "Add a Custom Service" called "FTP_CLIENT" which forwards ports 6000 to 7000 to e.g. 192.168.0.6 (your local subnet IP). Remeber to enter the same IP range in SmartFTP under Tools -> Settings, Connection.

eyebex,

tried above fix, but again, no luck. You have been very helpful and I have learned a lot, but at this point I think I will just resort to a USB flash drive, take my files to work and upload from there. Whatever this problem is, I think it is so arcane and strange that it is defying all logic. And I hold Bill Gates personally responsible.

Actually, I am just stubborn enough to keep plugging away at it so I posted a log from my post-fix connection attempt below. If you see anything in the log of consequence, or have something else to try, I would appreciate hearing of it.

thanks again....
gris2901


SmartFTP v1.5.991.22
Resolving host name "www.ftpserver.com"
Connecting to xx.6.yy.21 Port: 21
Connected to www.ftpserver.com.
220 (vsFTPd 1.2.1)
USER user
331 Please specify the password.
PASS (hidden)
230-user -
230-
230-This is your home directory.
230-I will set you up a web server shortly.
230-
230-
230-
230-
230-
230-
230 Login successful.
SYST
215 UNIX Type: L8
FEAT
211-Features:
MDTM
REST STREAM
SIZE
211 End
PWD
257 "/home/user"
CWD /home/user
250 Directory successfully changed.
PWD
257 "/home/user"
TYPE A
200 Switching to ASCII mode.
PORT 192,168,0,6,23,113
200 PORT command successful. Consider using PASV.
LIST -aL
425 Failed to establish connection.
Automatic failover of data connection mode from "Active Mode (PORT)" to "Passive Mode (PASV)".
PASV
227 Entering Passive Mode (xx,6,yy,21,248,16)
Opening data connection to xx.6.yy.21 Port: 63504
LIST -aL
A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.

The problem is this line:

You're asking the server to connect to IP 192.168.0.6, port 6001 (=23*256+11). But as 192.168.*.* are reserved for LAN usage, they may not be used in the Internet. You need to force SmartFTP to report your real Internet IP here (the IP that has been assigned to the router). Do you have "PORT IP Mode" (on the same page in the SmartFTP settings where you limit the port range) set to "Auto"? If no, try doing so. If yes, try setting it to "Manual", check your router's IP address using http://checkip.dnydns.org/ and enter that IP into the below edit field.