Login  
Search All Forums
Dart Home | PowerTCP SSL for ActiveX | Custom Development Reply | PowerTCP SSL for ActiveX Topics | Forums   
AuthorForum: PowerTCP SSL for ActiveX
Topic: SSL Tool and NAT issues
Rick Adams

From: Burnsville, MN USA
Posts: 12
Member Since: 11/28/06
posted November 28, 2006 1:32 PM

I'm having problems getting through a firewall with the latest SSL Tool, and it looks like there's NAT issues.

The WS_FTP_PRO client is able to open a port:

227 Entering Passive Mode (10,49,53,32,78,82)

connecting data channel to 10.49.53.32:78,82(20050)

Substituting connection address 197.181.46.151 for private address 10.49.53.32 from PASV

data channel connected to 197.181.46.51:78,82(20050)

When I try the PowerTCP Secure FTP Client program distributed with the SSL Tool, I get:

<--- 227 Entering Passive Mode (10,49,53,32,78,82)

---> LIST

<--- 425 Can't open data connection.

Note that it appears to be trying to open 10.49.53.32, which is a private address.

I've tried it with and without UseControlAddressForPassive set. It works fine testing on our own FTPS server, but not for the server we actually want to connect to.



Amit

From: Rome, NY USA
Posts: 315
Member Since: 03/15/06
posted November 30, 2006 11:44 AM

Hello,

A file transfer can only be established if the client sent a PASV or PORT command since the last data transfer. If the client has not met these requirements then a 425 response is received. It seems that the server is accepting the passive command but still not able to open the data connection. It seems that the serverís firewall is not able to decrypt the encrypted data.

It could also be a possibility that the client is behind a firewall that does not allows all outgoing connections. If this is the case, then what happens if you open a range of ports behind the Client Firewall?

Regards,
Amit
Reply | PowerTCP SSL for ActiveX Topics | Forums   
This site is powered by PowerTCP WebServer Tool PowerTCP WebServer for ActiveX