|Dart Home | PowerTCP SSL for ActiveX | Custom Development||Reply | PowerTCP SSL for ActiveX Topics | Forums|
|Author||Forum: PowerTCP SSL for ActiveX|
Topic: SSL Tool and NAT issues
From: Burnsville, MN USA
Member Since: 11/28/06
|posted November 28, 2006 1:32 PM
I'm having problems getting through a firewall with the latest SSL Tool, and it looks like there's NAT issues.
The WS_FTP_PRO client is able to open a port:
227 Entering Passive Mode (10,49,53,32,78,82)
connecting data channel to 10.49.53.32:78,82(20050)
Substituting connection address 126.96.36.199 for private address 10.49.53.32 from PASV
data channel connected to 188.8.131.52:78,82(20050)
When I try the PowerTCP Secure FTP Client program distributed with the SSL Tool, I get:
<--- 227 Entering Passive Mode (10,49,53,32,78,82)
<--- 425 Can't open data connection.
Note that it appears to be trying to open 10.49.53.32, which is a private address.
I've tried it with and without UseControlAddressForPassive set. It works fine testing on our own FTPS server, but not for the server we actually want to connect to.
From: Rome, NY USA
Member Since: 03/15/06
|posted November 30, 2006 11:44 AM
A file transfer can only be established if the client sent a PASV or PORT command since the last data transfer. If the client has not met these requirements then a 425 response is received. It seems that the server is accepting the passive command but still not able to open the data connection. It seems that the serverís firewall is not able to decrypt the encrypted data.
It could also be a possibility that the client is behind a firewall that does not allows all outgoing connections. If this is the case, then what happens if you open a range of ports behind the Client Firewall?
|Reply | PowerTCP SSL for ActiveX Topics | Forums|
|This site is powered by PowerTCP WebServer for ActiveX|