| Dart Home | PowerTCP FTP for ActiveX | Custom Development | Reply | PowerTCP FTP for ActiveX Topics | Forums |
| Author | Forum: PowerTCP FTP for ActiveX Topic: proxy settings for |
| Glenn Carr From: Tulsa, OK USA Posts: 42 Member Since: 08/21/02 |
posted June 4, 2003 11:26 AM Does anyone know what proxy settings with the Dart FTP component would be required for the Checkpoint firewall? I'm gathering more detailed failure information from our customer now, but wanted to throw out a question in advance. Thanks, Glenn |
K M Drake From: Utica, NY USA Posts: 3406 Member Since: 07/14/00 |
posted June 6, 2003 9:57 AM Hi Glenn, From searching the web, it looks like Checkpoint is a USER type proxy. -ken |
| Glenn Carr From: Tulsa, OK USA Posts: 42 Member Since: 08/21/02 |
posted June 6, 2003 10:37 AM Thanks, do you have the URLs for that information? |
| K M Drake From: Utica, NY USA Posts: 3406 Member Since: 07/14/00 |
posted June 6, 2003 11:12 AM Hi, It really wasn't much information, it was just a newsgroup where someone had posted they were able to get through their Checkpoint firewall by setting Ws_Ftp settings to the USER type of firewall. -ken |
| Glenn Carr From: Tulsa, OK USA Posts: 42 Member Since: 08/21/02 |
posted June 20, 2003 2:34 PM We have a customer that is behind a firewall but is able to transfer file with CuteFTP. Here are the settings they use for CuteFTP: http://progistics.connectship.com/gnc/cuteftp_firewall_settings.jpg The use our software, which in turn uses the DartFTP component to transfer files. But in order to isolate the firewall problem and remove the possibilty of our software interferring, I wrote the following script [1] which only uses the DartFTP component to transfer the file. When they use the OPEN proxy setting (same as used with CuteFTP), the script returns this error: "[ftpevent_Error] 10061, Connect method failed. No connection could be made because the target machine actively refused it. This usually results from trying to connect to a service that is inactive on the foreign host - i.e. one with no server application running." Any ideas? Thanks, Glenn [1] -- testftp.vbs -- ' File to transfer localFileToTransfer = "testfile.zip" remoteNewFile = "/incoming/testfile.zip" ' FTP server/username/password ftpServer = "ftpserver" ftpUsername = "ftpserverusername" ftpPassword = "ftpserverpassword" ' Change these to match your proxy server configuration proxyHost = "ftpproxyservername" proxyUsername = "ftpproxyusername" proxyPassword = "ftpproxypassword" proxyPort = 21 ' Uncomment (remove the tick mark at the beginning of the line) _one_ of these 'proxyType = 0 ' No proxy 'proxyType = 1 ' Uses a SOCKS V4 Proxy. 'proxyType = 2 ' Uses a SOCKS V5 Proxy. 'proxyType = 3 ' Connects to proxy and sends: SITE <hostname> to establish connection to host, afterwards User is logged in using Username and Password. If ProxyUsername and ProxyPassword are specified, user is logged into proxy before sending SITE request. 'proxyType = 4 ' Connects to proxy and logs in with ProxyUsername and ProxyPassword, then connects to host by sending: USER <username>@<hostname> 'proxyType = 5 ' Connects to proxy and sends: USER <username>@<hostname> proxyType = 6 ' Connects to proxy and sends: OPEN < hostname> 'proxyType = 7 ' Proxy connects to a predetermined server and logs in using supplied username and password. ''''''''''' Don't change anything below this line '''''''''''''''' set ftp = WScript.CreateObject( "Dart.Ftp", "ftpevent_" ) ftp.Timeout = 0 ftp.ProxyType = proxyType ftp.ProxyHost = proxyHost ftp.ProxyUsername = proxyUsername ftp.ProxyPassword = proxyPassword ftp.ProxyPort = proxyPort ftp.Trace "ftptrace.log", True, True, vbCrLf & "Sent: ", vbCrLf & "Recv: " ftp.Login ftpServer, ftpUsername, ftpPassword WScript.Sleep 10000 ftp.Store remoteNewFile, localFileToTransfer WScript.Sleep 30000 ftp.Logout sub ftpevent_Progress( ftpcmd, status, reply, cnt, sz ) WScript.Echo "[ftpevent_Progress] Status:" & status & ", Reply:" & reply & ", Count:" & cnt & ", Size:" & sz end sub sub ftpevent_Error( num, desc ) WScript.Echo "[ftpevent_Error] " & num & ", " & desc end sub ------------------ |
| Glenn Carr From: Tulsa, OK USA Posts: 42 Member Since: 08/21/02 |
posted June 20, 2003 2:37 PM TYPO: _They_ use our software Also, the comments on these lines wrapped them: --- 'proxyType = 0 ' No proxy 'proxyType = 1 ' Uses a SOCKS V4 Proxy. 'proxyType = 2 ' Uses a SOCKS V5 Proxy. 'proxyType = 3 ' Connects to proxy and sends: SITE <hostname> to establish connection to host, afterwards User is logged in using Username and Password. If ProxyUsername and ProxyPassword are specified, user is logged into proxy before sending SITE request. 'proxyType = 4 ' Connects to proxy and logs in with ProxyUsername and ProxyPassword, then connects to host by sending: USER <username>@<hostname> 'proxyType = 5 ' Connects to proxy and sends: USER <username>@<hostname> proxyType = 6 ' Connects to proxy and sends: OPEN < hostname> 'proxyType = 7 ' Proxy connects to a predetermined server and logs in using supplied username and password. --- Should be: 'proxyType = 0 'proxyType = 1 'proxyType = 2 'proxyType = 3 'proxyType = 4 'proxyType = 5 proxyType = 6 'proxyType = 7 |
| K M Drake From: Utica, NY USA Posts: 3406 Member Since: 07/14/00 |
posted June 23, 2003 10:05 AM Hi Glenn, Two comments, one about the settings, and one about the code itself. First, in the CuteFtp settings you are using non-passive mode, but your script never sets Passive = False. Second, you are programming in a scripting fashion, so there is no reason to use non-blocking (Timeout = 0). Removing this line will also let you to remove all the Sleep calls, since each call will block until it has completed executing. Hope this helps, -ken |
| Glenn Carr From: Tulsa, OK USA Posts: 42 Member Since: 08/21/02 |
posted June 23, 2003 11:43 AM Thanks. Would the Passive setting cause this error: "10061, Connect method failed. No connection could be made because the target machine actively refused it. This usually results from trying to connect to a service that is inactive on the foreign host - i.e. one with no server application running." We don't understand why CuteFTP is able to connect and transfer using the settings in the dialog, but the Dart component is unable to do so -- unless it's the Passive setting which I'll correct, and let the customer try. Any ideas at all? |
| K M Drake From: Utica, NY USA Posts: 3406 Member Since: 07/14/00 |
posted June 23, 2003 11:48 AM Hi, Yes. -ken |
| Glenn Carr From: Tulsa, OK USA Posts: 42 Member Since: 08/21/02 |
posted July 1, 2003 5:04 PM To follow up... Here is a script that one of our customers is using [1], and following it is the log [2]. The passive setting is explicitly set to false, but still the same error. Any more ideas about what's going on? He swears that he's able to connect and transfer with CuteFTP just fine (see the earlier CuteFTP settings dialog), but this script refuses to connect.... why??? Thanks, Glenn [1] ----------------- ' File to transfer localFileToTransfer = "testfile.zip" remoteNewFile = "/incoming/gnc_test_" & DateDiff("s", "01/01/1970 00:00:00", Now) & ".zip" ' FTP server/username/password ftpServer = "ftp.tandata.com" ftpUsername = "tandata/ftpguest" ftpPassword = "xxxxx" ' Change these to match your proxy server configuration proxyHost = "sec-proxy.meca.panasonic.com" proxyUsername = "uuuuu" proxyPassword = "yyyyy" proxyPort = 21 proxyType = 6 ' Connects to proxy and sends: OPEN < hostname> ''''''''''' Don't change anything below this line '''''''''''''''' Set fso = CreateObject("Scripting.FileSystemObject") LogTrace( vbCrLf & "*********************************** " ) LogTrace( "**** - Starting new FTP test - **** " & Now & vbCrLf ) set ftp = WScript.CreateObject( "Dart.Ftp", "ftpevent_" ) ftp.ProxyType = proxyType ftp.ProxyHost = proxyHost ftp.ProxyUsername = proxyUsername ftp.ProxyPassword = proxyPassword ftp.ProxyPort = proxyPort ftp.Passive = False LogTrace( "FTP properties: " ) LogTrace( " Timeout: " & ftp.Timeout ) LogTrace( " ProxyHost: " & ftp.proxyHost ) LogTrace( " ProxyType: " & ftp.ProxyType ) LogTrace( " ProxyUsername: " & ftp.ProxyUsername ) LogTrace( " ProxyPassword: " & ftp.ProxyPassword ) LogTrace( " ProxyPort: " & ftp.ProxyPort ) ftp.Trace "c:\ftptrace.log", True, True, vbCrLf & "Sent: ", vbCrLf & "Recv: " LogTrace( " Login: " & "ftpServer = " & ftpServer & ", ftpUsername = " & ftpUsername & ", ftpPassword = " & ftpPassword ) ftp.Login ftpServer, ftpUsername, ftpPassword ftp.Store remoteNewFile, localFileToTransfer ftp.Logout sub ftpevent_Progress( ftpcmd, status, reply, cnt, sz ) LogTrace( "[ftpevent_Progress] Status:" & status & ", Reply:" & reply & ", Count:" & cnt & ", Size:" & sz ) end sub ' Event handling routines sub ftpevent_Error( num, desc ) LogTrace( "[ftpevent_Error] " & num & ", " & desc ) end sub function LogTrace( msg ) WScript.Echo msg Set traceFile = fso.OpenTextFile( "c:\ftptrace.log", 8, True ) traceFile.WriteLine( msg ) traceFile.Close end function ------------ [2] ------------ Microsoft (R) Windows Script Host Version 5.1 for Windows Copyright (C) Microsoft Corporation 1996-1999. All rights reserved. *********************************** **** - Starting new FTP test - **** 7/1/2003 1:09:37 PM FTP properties: Timeout: 30000 ProxyHost: sec-proxy.meca.panasonic.com ProxyType: 6 ProxyUsername: uuuuu ProxyPassword: yyyyy ProxyPort: 21 Login: ftpServer = ftp.tandata.com, ftpUsername = tandata/ftpguest, ftpPassword = xxxxx [ftpevent_Error] 10061, Connect method failed. No connection could be made because the target machine actively refused it. This usually results from trying to connect to a service that is inactive on the foreign host - i.e. one with no server application running. ------------ |
| K M Drake From: Utica, NY USA Posts: 3406 Member Since: 07/14/00 |
posted July 2, 2003 9:12 AM Hi, I would start by comparing the trace log (Trace method) with a successful session log from CuteFtp. How do the two differ? Thanks, -ken |
| Glenn Carr From: Tulsa, OK USA Posts: 42 Member Since: 08/21/02 |
posted July 2, 2003 12:12 PM Here is a CuteFTP session log from the customer showing the connection through the firewall. Can you give me any pointers at all? --- STATUS:> Connecting to ediftp.dhl-usa.com STATUS:> Connecting to ediftp.dhl-usa.com (ip = 199.41.254.9) STATUS:> Socket connected. Waiting for welcome message... 220-aftpd:Please enter your username and password 220 aftpd: STATUS:> Connected. Authenticating... COMMAND:> USER kentnpc 331 aftpd: FireWall-1 password: you can use FW-1-password COMMAND:> PASS ******** 230-aftpd:User kentnpc authenticated by FireWall-1 authentication 230-aftpd:Connected to 199.41.254.9. Logging in... 230 aftpd:220 ediftp1 FTP server (SecureTransport 3.0.3) ready. STATUS:> Login successful COMMAND:> TYPE I 530 Please login with USER and PASS. COMMAND:> REST 100 502 Security server inhibited REST command STATUS:> This site cannot resume broken downloads COMMAND:> REST 0 502 Security server inhibited REST command COMMAND:> pwd 530 Please login with USER and PASS. COMMAND:> TYPE A 530 Please login with USER and PASS. ERROR:> Can't retrieve directory listing COMMAND:> user tandatac 331 Password required for tandatac. 230 Virtual user tandatac logged in. --- |
| K M Drake From: Utica, NY USA Posts: 3406 Member Since: 07/14/00 |
posted July 2, 2003 4:14 PM Hi, I've never heard of an Open proxy requiring username and password. I think this is the root of the problem. Also, it looks like CuteFtp has some difficulty with it as well, based on your log. Now what does the Dart log look like? You may have to use the command method to manually send the Username and Password. Thanks, -ken |
| Glenn Carr From: Tulsa, OK USA Posts: 42 Member Since: 08/21/02 |
posted July 8, 2003 1:04 PM OK... I had our customer re-run the script with each ProxyType setting (0-7), and the ProxyHost, ProxyUsername, and ProxyPassword set to point at their proxy server. The only connection that partially succeeded was with ProxyType = 0. BUT, it connected to the proxy host instead of the target host specified in the ftp.Login call. Here is the output of the script[1]. The script (same one earlier in the thread) just calls Ftp.Login() specifying the target FTP host (not the proxy): ftp.Login ftpServer, ftpUsername, ftpPassword ftp.Store remoteNewFile, localFileToTransfer ...and then calls FTP.Store(). But, it appears that the login is trying to login to the proxy first. Is this expected? Do I need manual handle handshaking with the proxy? And, if so, how exactly? ARRRGHHHHH!!! (I feel better now.) Thanks yet again, Glenn [1] --- *********************************** **** - Starting new FTP test - **** 7/7/2003 12:40:40 PM FTP properties: Timeout: 30000 ProxyHost: sec-proxy.meca.panasonic.com ProxyType: 0 ProxyUsername: kentnpc ProxyPassword: 41@nPc ProxyPort: 21 Passive: False Login: ftpServer = ftp.tandata.com, ftpUsername = tandata/ftpguest, ftpPassword = oilboom [ftpevent_Progress] Status:0, Reply:220-aftpd:Please enter your username and password 220 aftpd: , Count:0, Size:0 [ftpevent_Progress] Status:2, Reply:331-aftpd:User tandata/ftpguest not found 421 aftpd: aborted , Count:0, Size:0 [ftpevent_Error] 11101, 331-aftpd:User tandata/ftpguest not found 421 aftpd: aborted --- |
| K M Drake From: Utica, NY USA Posts: 3406 Member Since: 07/14/00 |
posted July 9, 2003 10:01 AM Hi, Again, it would be a lot more helpful if I could see the Ftp.Trace log. This will show the commands sent by the control, in addition to the server's responses. Also, this should be done with the correct ProxyType set. If you were to use ftpProxyNone, you would Login to the proxy server, and then use the Command method for logging in to the Ftp server. -ken |
| Glenn Carr From: Tulsa, OK USA Posts: 42 Member Since: 08/21/02 |
posted July 9, 2003 11:15 AM :: Again, it would be a lot more helpful if I :: could see the Ftp.Trace log. This will show :: the commands sent by the control, in addition :: to the server's responses. Also, this should :: be done with the correct ProxyType set. I guess I am confused. This _is_ the output from the Trace. In the script (above) there is this line: ftp.Trace "c:\ftptrace.log", True, True, vbCrLf & "Sent: ", vbCrLf & "Recv: " Granted, I also use that same file to log some other stuff, in the LogTrace function. But intermingling this has worked fine so far (apparently). :: If you were to use ftpProxyNone, you would :: Login to the proxy server, and then use the :: Command method for logging in to the Ftp :: server. I guess one of my questions is why it is trying to login to the proxy server when ProxyType is set to ftpProxyNone (0)? I would assume it ignore the proxy server if ProxyType is 0. Is that the case? Thanks again, for your endurance ;) |
| Glenn Carr From: Tulsa, OK USA Posts: 42 Member Since: 08/21/02 |
posted July 9, 2003 11:21 AM In the log above here is the output generated by turning on the Trace in the FTP component: --- 220 aftpd: 421 aftpd: aborted 421 aftpd: aborted --- It is intermingled with the output from the event methods in the script: --- , Count:0, Size:0 [ftpevent_Progress] Status:2, Reply:331-aftpd:User tandata/ftpguest not found , Count:0, Size:0 [ftpevent_Error] 11101, 331-aftpd:User tandata/ftpguest not found --- |
| K M Drake From: Utica, NY USA Posts: 3406 Member Since: 07/14/00 |
posted July 10, 2003 10:15 AM Hi, What I am looking for are the contents of the trace file. What you have posted is incomplete, and only shows the server's responses. If, as you say, you have set up the trace like this: ftp.Trace "c:\ftptrace.log", True, True, vbCrLf & "Sent: ", vbCrLf & "Recv: " I should see something like this: Recv: 220 ... Sent: USER ... Recv: 331 ... Sent: PASS ... ... To answer your question, no, if the ProxyHost is set, the control will try to connect to it. -ken |
| K M Drake From: Utica, NY USA Posts: 3406 Member Since: 07/14/00 |
posted July 11, 2003 12:19 PM Hi Glenn, That is not right. To connect to a server through an OPEN proxy, you simply need to: Ftp1.ProxyType = ftpProxyOpen Ftp1.ProxyHost = "myOPENproxy" Ftp1.ProxyPort = proxyPort Ftp1.Login "myFtpServer", "myUsername", "myPassword" The control will connect to the proxy and send the OPEN command, followed by USER and PASS. The following is an example trace: Recv<-220 Welcome to myOPENProxy Send->OPEN myFtpServer Recv<-220 Welcome to myFtpServer Send->USER myUsername Recv<-331 Please specify the password. Send->PASS myPassword Recv<-230 Login successful. Have fun. -ken |
| Glenn Carr From: Tulsa, OK USA Posts: 42 Member Since: 08/21/02 |
posted July 11, 2003 12:38 PM Hmm... I'm fairly certain our code is doing with the FTP component. But, that doesn't appear to be what is happening from the CuteFTP trace [1]. The ftp server is "ediftp.dhl-usa.com", the ftp is username "tandatac". The proxy server is the "c-proxy.meca...", proxy username is "kentnpc". From the CutFTP trace [1] it appears that... - 1) a connection is made to "ediftp.dhl-usa.com", - 2) then commands are issued to the proxy host ("USER kentnpc", etc.), - 3) then commands are made through the proxy to log in to the ftp server. I don't see any "OPEN" commands at all, even though they show "OPEN site" as selected in the CuteFTP options [2]. So, I can only assume that the CuteFTP options dialog as shown may not be accurate. Assuming that they these settings are not the actual settings, what kind of proxy type does the CuteFTP trace indicate to you? Is it possible to tell? Thanks yet again for your patience, Glenn [1] ---------- STATUS:> Connecting to ediftp.dhl-usa.com STATUS:> Connecting to ediftp.dhl-usa.com (ip = 199.41.254.9) STATUS:> Socket connected. Waiting for welcome message... 220-aftpd:Please enter your username and password 220 aftpd: STATUS:> Connected. Authenticating... COMMAND:> USER kentnpc 331 aftpd: FireWall-1 password: you can use FW-1-password COMMAND:> PASS ******** 230-aftpd:User kentnpc authenticated by FireWall-1 authentication 230-aftpd:Connected to 199.41.254.9. Logging in... 230 aftpd:220 ediftp1 FTP server (SecureTransport 3.0.3) ready. STATUS:> Login successful COMMAND:> TYPE I 530 Please login with USER and PASS. COMMAND:> REST 100 502 Security server inhibited REST command STATUS:> This site cannot resume broken downloads COMMAND:> REST 0 502 Security server inhibited REST command COMMAND:> pwd 530 Please login with USER and PASS. COMMAND:> TYPE A 530 Please login with USER and PASS. ERROR:> Can't retrieve directory listing COMMAND:> user tandatac 331 Password required for tandatac. 230 Virtual user tandatac logged in. ---------- [2] http://progistics.connectship.com/gnc/cuteftp_firewall_settings.jpg |
| Glenn Carr From: Tulsa, OK USA Posts: 42 Member Since: 08/21/02 |
posted July 17, 2003 5:44 PM Here is the ftp Trace log[1] with these settings[2]. Basically, no proxy specified. But it is obviously communicating with the proxy instead of the target machine. How is the communication with the proxy started? And _what_ do I need to do to FTP through this stinkin proxy. Thanks again, Glenn [1] -- Recv: 220-aftpd:Please enter your username and password 220 aftpd: Sent: USER tandata/ftpguest Recv: 331-aftpd:User tandata/ftpguest not found 421 aftpd: aborted Recv: 220-aftpd:Please enter your username and password 220 aftpd: Sent: USER tandata/ftpguest Recv: 331-aftpd:User tandata/ftpguest not found 421 aftpd: aborted Recv: 220-aftpd:Please enter your username and password 220 aftpd: Sent: USER tandata/ftpguest Recv: 331-aftpd:User tandata/ftpguest not found 421 aftpd: aborted ---------------------------------- [2] -- *********************************** **** - Starting new FTP test - D:\testftp_none.vbs **** 7/11/2003 12:53:51 PM FTP properties: Timeout: 30000 ProxyHost: ProxyType: 0 ProxyUsername: ProxyPassword: ProxyPort: 0 Passive: False Login: ftpServer = ftp.tandata.com, ftpUsername = tandata/ftpguest, ftpPassword = ******** [ftpevent_Progress] Status:0, Reply:220-aftpd:Please enter your username and password 220 aftpd: , Count:0, Size:0 [ftpevent_Progress] Status:2, Reply:331-aftpd:User tandata/ftpguest not found 421 aftpd: aborted , Count:0, Size:0 [ftpevent_Error] 11101, 331-aftpd:User tandata/ftpguest not found 421 aftpd: aborted |
| K M Drake From: Utica, NY USA Posts: 3406 Member Since: 07/14/00 |
posted July 18, 2003 11:24 AM Hi, It is hard to decipher what is going on between CuteFtp and the proxy from the CuteFtp trace. The next test I would try is to call Login, but using the proxy's address, username and password, instead of the Ftp server's address, username and password. How far does it get doing this (What does the Trace look like)? Is it possible the proxy is setup to automatically connect to this particular Ftp Server? Thanks, -ken |
| Glenn Carr From: Tulsa, OK USA Posts: 42 Member Since: 08/21/02 |
posted July 22, 2003 12:26 PM OK. More data. Here[1] is the CuteFTP trace for transferring a file to our site from the customer's site via their proxy. After the proxy accepts the password command, it connects and logs into the target ftp server. There must be some clue in this exchange. Also, here[2] is an attempt to connect directly to the proxy server. [1] ----------- STATUS:> Connecting to ftp.tandata.com STATUS:> Connecting to ftp.tandata.com (ip = 63.77.35.98) STATUS:> Socket connected. Waiting for welcome message... 220-aftpd:Please enter your username and password 220 aftpd: STATUS:> Connected. Authenticating... COMMAND:> USER kentnpc 331 aftpd: FireWall-1 password: you can use FW-1-password COMMAND:> PASS ******** 230-aftpd:User kentnpc authenticated by FireWall-1 authentication 230-aftpd:Connected to 63.77.35.98. Logging in... 230 aftpd:220 tdweb Microsoft FTP Service (Version 4.0). STATUS:> Login successful COMMAND:> TYPE I 530 Please login with USER and PASS. COMMAND:> REST 100 502 Security server inhibited REST command STATUS:> This site cannot resume broken downloads COMMAND:> REST 0 502 Security server inhibited REST command COMMAND:> pwd 530 Please login with USER and PASS. COMMAND:> TYPE A 530 Please login with USER and PASS. ERROR:> Can't retrieve directory listing COMMAND:> user tandata/ftpguest 331 Password required for tandata/ftpguest. 230-Welcome to the TanData Corporation FTP site. 230- 230-Please place all uploads into the "incoming" directory. 230- 230 User tandata/ftpguest logged in. COMMAND:> CDUP 250 CWD command successful. COMMAND:> pwd 257 "/" is current directory. COMMAND:> TYPE A 200 Type set to A. STATUS:> Retrieving directory listing... COMMAND:> PORT 10,140,138,174,16,77 200 PORT command successful. COMMAND:> LIST 150 Opening ASCII mode data connection for /bin/ls. STATUS:> Received 383 bytes Ok. STATUS:> Time: 0:00:01, Efficiency: 0.37 KBytes/s (383 bytes/s) 226 Transfer complete. STATUS:> Done. COMMAND:> CDUP 250 CWD command successful. COMMAND:> pwd 257 "/" is current directory. COMMAND:> CWD /incoming 250 CWD command successful. COMMAND:> pwd 257 "/incoming" is current directory. COMMAND:> TYPE A 200 Type set to A. STATUS:> Retrieving directory listing... COMMAND:> PORT 10,140,138,174,16,101 200 PORT command successful. COMMAND:> LIST 150 Opening ASCII mode data connection for /bin/ls. STATUS:> Received 1811 bytes Ok. STATUS:> Time: 0:00:01, Efficiency: 1.77 KBytes/s (1811 bytes/s) 226 Transfer complete. STATUS:> Done. COMMAND:> TYPE I 200 Type set to I. STATUS:> Sending testfile.zip COMMAND:> PORT 10,140,138,174,16,110 200 PORT command successful. COMMAND:> STOR testfile.zip 150 Opening BINARY mode data connection for testfile.zip. STATUS:> Send successful STATUS:> Time: 0:00:06, Efficiency: 69.64 KBytes/s (71307 bytes/s) 226 Transfer complete. STATUS:> Successfully sent d:\test\testfile.zip COMMAND:> pwd 257 "/incoming" is current directory. COMMAND:> TYPE A 200 Type set to A. STATUS:> Retrieving directory listing... COMMAND:> PORT 10,140,138,174,16,111 200 PORT command successful. COMMAND:> LIST 150 Opening ASCII mode data connection for /bin/ls. STATUS:> Received 1864 bytes Ok. STATUS:> Time: 0:00:01, Efficiency: 1.82 KBytes/s (1864 bytes/s) 226 Transfer complete. STATUS:> Done. ----------------- [2] ------------- Microsoft (R) Windows Script Host Version 5.1 for Windows Copyright (C) Microsoft Corporation 1996-1999. All rights reserved. *********************************** **** - Starting new FTP test - D:\TEST\connect_to_proxy.vbs **** 7/21/2003 2:55:27 PM FTP properties: Timeout: 30000 ProxyHost: ProxyType: 0 ProxyUsername: ProxyPassword: ProxyPort: 0 Passive: False Login: ftpServer = sec-proxy.meca.panasonic.com, ftpUsername = kentnpc, ftpPassword = ****** [ftpevent_Error] 10061, Connect method failed. No connection could be made because the target machine actively refused it. This usually results from trying to connect to a service that is inactive on the foreign host - i.e. one with no server application running. |
Tony Priest From: Utica, NY USA Posts: 8466 Member Since: 04/11/00 |
posted July 22, 2003 12:39 PM From the log it seems to me that you would want: Ftp1.ProxyHost = ftp.tandata.com Ftp1.ProxyType = ftpProxyUserLogin Ftp1.ProxyUser = kentnpc Ftp1.ProxyPassword = ****** Then you call login to connect to the final server. |
| Glenn Carr From: Tulsa, OK USA Posts: 42 Member Since: 08/21/02 |
posted July 22, 2003 12:56 PM So, use the final server (ftp.tandata.com) as the proxy server _and_ use it in the login command? |
| Tony Priest From: Utica, NY USA Posts: 8466 Member Since: 04/11/00 |
posted July 22, 2003 1:06 PM Yes. It looks like that's the way it is setup to me. |
| Glenn Carr From: Tulsa, OK USA Posts: 42 Member Since: 08/21/02 |
posted July 22, 2003 1:17 PM I'll give it a try. I'm not sure how it knows to connect to actual proxy server, though. In the CuteFTP settings [1], they do specify the name of the proxy. [1] http://progistics.connectship.com/gnc/cuteftp_firewall_settings.jpg |
| Glenn Carr From: Tulsa, OK USA Posts: 42 Member Since: 08/21/02 |
posted July 22, 2003 4:35 PM Here[1] is the trace log that was returned. Here[2] is the log from the script. Any other ideas? There has to be a way to crack this firewall. [1] --- Recv: 220-aftpd:Please enter your username and password 220 aftpd: Sent: OPEN ftp.tandata.com Recv: 202 aftpd: 'USER' command expected [2] --- *********************************** **** - Starting new FTP test - D:\TEST\testftp_open3.vbs **** 7/22/2003 12:42:12 PM FTP properties: Timeout: 30000 ProxyHost: ftp.tandata.com ProxyType: 6 ProxyUsername: kentnpc ProxyPassword: 41@nPc ProxyPort: 21 Passive: False Login: ftpServer = ftp.tandata.com, ftpUsername = tandata/ftpguest, ftpPassword = oilboom [ftpevent_Progress] Status:0, Reply:220-aftpd:Please enter your username and password 220 aftpd: , Count:0, Size:0 [ftpevent_Progress] Status:0, Reply:202 aftpd: 'USER' command expected , Count:0, Size:0 [ftpevent_Error] 10060, The connection has been dropped because of a network failure or because the peer system failed to respond. Also caused when Connect, Send, Receive, Fill or Close methods are used with a Timeout parameter and the operation fails to complete within the specified number of milliseconds. |
| Tony Priest From: Utica, NY USA Posts: 8466 Member Since: 04/11/00 |
posted July 22, 2003 4:57 PM You are using the wrong ProxyType use ftpProxyUserLogin (4) and see what happens. |
| Glenn Carr From: Tulsa, OK USA Posts: 42 Member Since: 08/21/02 |
posted July 22, 2003 7:13 PM Eureka! Works great. whew. Now, let me ask you this. Is this how the ftpProxyUserLogin proxy type should always be used, or is this due to some peculiarity of this particular firewall/proxy? I.e., when the proxyType is ftpProxyUserLogin, should the ProxyHost property always be set to the destination host instead of the actual proxy server? |
| Tony Priest From: Utica, NY USA Posts: 8466 Member Since: 04/11/00 |
posted July 22, 2003 10:08 PM No. The proxyhost should be set to the proxy server's address. It just so happens that in this case your proxy is also the same as the server. |
| Glenn Carr From: Tulsa, OK USA Posts: 42 Member Since: 08/21/02 |
posted July 23, 2003 11:00 AM :: No. The proxyhost should be set to :: the proxy server's address. It just :: so happens that in this case your :: proxy is also the same as the server. I'm confused. The server is ftp.tandata.com, the proxy server is sec-proxy.meca.panasonic.com. The two machines are in entirely different physical locations. And this only started working when we put the destination ftp server (ftp.tandata.com) in as the ProxyServer. - ftp.tandata.com is simply our (tandata/connectship) W2K FTP server. - sec-proxy.meca.panasonic.com is Panasonic's proxy server (according to the CuteFTP options dialog and their sys admin). The response's from it have "aftpd" in them (anon ftp deamon?). When the ProxyServer property is set to sec-proxy.meca.panasonic.com, an attempt is made to logon to it, using the regular username and password. What am I missing and/or how am I confused? We're just trying to understand if this is a special case due to this particular type of firewall, or if we are misusing the Dart component when the proxy type is "USER". Thanks, Glenn |
| Tony Priest From: Utica, NY USA Posts: 8466 Member Since: 04/11/00 |
posted July 23, 2003 12:08 PM You should set the proxyhost to the proxyserver and login to the ftp server. I honestly don't know why that doesn't work for you. Sorry. |
| Glenn Carr From: Tulsa, OK USA Posts: 42 Member Since: 08/21/02 |
posted July 23, 2003 1:45 PM Hmm... so here's the deal. In our application, we allow the user to set the global proxy information for all ftp transfers from that app on that machine. But, the destination ftp server varies depending on the function being performed by the app. What you're saying is that before each transfer the proxy host would need to be changed to match the destination ftp host (because that is the only way it has worked). But, you're not sure why. Is it some weird quirk of that particular type of firewall? And if so, why does CuteFTP from the same machine with its settings[1] of: Proxy Host: sec-proxy.meca.panasonic.com Proxy User: kentnpc Proxy Pass: ******* Type: OPEN site Enable firewall access: False PASV Mode: False Is CuteFTP doing something tricky to get around this? Thanks, Glenn [1] --- http://progistics.connectship.com/gnc/cuteftp_firewall_settings.jpg |
| Tony Priest From: Utica, NY USA Posts: 8466 Member Since: 04/11/00 |
posted July 23, 2003 1:55 PM Are you absolutely positive that sec-proxy.meca.panasonic.com and ftp.tandata.com don't resolve to the same IP address on your system. What happens when you use sec-proxy.meca.panasonic.com as the proxyhost? Maybe CuteFTP does some kind of automatic detection? What does the CuteFTP log of a successful session look like? |
| Glenn Carr From: Tulsa, OK USA Posts: 42 Member Since: 08/21/02 |
posted July 23, 2003 2:01 PM Yes, absolutely positive, not a doubt. "sec-proxy.meca.panasonic.com" is an interal machine to Panasonic, "ftp.tandata.com" is in a completely different location. In fact, I could test it with another ftp destination server to prove it. Do you have one that we could transfer a file to? The complete trace of a successful trace using CuteFTP is a few posts back -- the post dated July 22, 2003 12:26 PM. |
| Tony Priest From: Utica, NY USA Posts: 8466 Member Since: 04/11/00 |
posted July 23, 2003 2:07 PM This issue has grown too big to deal with on the forum. If you have support, please send support@dart.com a note referencing topic 3166 in the subject and we will open an issue and begin working this out with you. If you don't have support, please contact our sales deparment. I would recommend one of the options that gives you phone support as this issue will probably require a little one on one time. |
| Glenn Carr From: Tulsa, OK USA Posts: 42 Member Since: 08/21/02 |
posted July 23, 2003 2:19 PM Hmmm. I would agree that there would have to be a charge for extended support if the customer (we) weren't using the product as documented. But, the documentation purchased with the product should provide all the information that is required to make the product work. And, at this point, we have no more information we could give anyone over the phone that I haven't given in this thread. Not sure what we'll do at this point, but I think you can probably understand my frustration. |
| Tony Priest From: Utica, NY USA Posts: 8466 Member Since: 04/11/00 |
posted July 23, 2003 2:28 PM You'll still have to get support. The reason why is that we can't be sure this is a bug. No one else is reporting this problem and we can't invest time investigating the issue while we have other paid support issues open. If you have further questions please call 315-790-5456 and speak to someone about your options. Make sure you reference this topic so they know the history. |
| Reply | PowerTCP FTP for ActiveX Topics | Forums |
This site is powered by
PowerTCP WebServer for ActiveX
|