Knowledge Base

Home > Features > Clear Command Channel (CCC)

Created 25 Mar 2005
Modified 13 Dec 2013

Article 2551

Clear Command Channel (CCC)

The CCC command makes a secured control/command channel revert back to plaintext (un-secured).
This feature helps to solve data connection problems in situations where all the conditions below are met:

If the Clear Control Connection (CCC) setting is enabled, the FTP client connects to the server, negotiates a secure connection, authenticates (sends user and password) and reverts back to plaintext.

To change the control connection protection in SmartFTP go to the Favorite Properties. Then go to the FTP - Connection - TLS dialog and change the Control Connection option.

Technical Background
NAT routers automatically examine the PORT command sent through a control channel for un-secured control connections to the default FTP port (21) of the remote FTP server. This allows them to open an incoming port for the data connection, setup the routing/forwarding and rewrite the PORT IP with the external (WAN) IP address. If a secured connection (SSL) is made to a FTP server, the NAT router cannot interpret the data correctly as everything is encrypted. Therefore it cannot translate a PORT command and open the appropriate port for the expected incoming data connection. By sending a CCC command and further reverting back to plaintext the NAT router are once again able to translate the PORT commands.

Server Support
Most modern servers support this feature.

References

  1. RFC 4217
  2. Microsoft - How NAT works
  3. RFC 1631 - The IP Network Address Translator (NAT)

Keywords
CCC