IIS 7.5 on Windows Server 2008 R2 refusing to create PASSIVE MODE FTP connections

windows-server-2008-r2 ftp iis-7.5 perl
13,800

Solution 1

I had this same problem. IIS FTP 7.5 is configured by default to allow only ACTIVE FTP not Passive I believe - at least in two default installs I have done. Perhaps your script is getting hung up on this. The IIS website http://learn.iis.net/page.aspx/309/configuring-ftp-firewall-settings/ helped me immensely--though my problem was with a regular FTP client (filezilla) not PERL it should apply in this case. Look at especially Step 3: Configure Windows Firewall Settings

Solution 2

I've met with similar problems with other ftp server software.

you may need to do port mapping if your ftp server is behind NAT. you may also need to check the port the server used for passive mode and port map it. Also check firewall that those ports are allowed.

Share:
13,800

Related videos on Youtube

Campbell
Author by

Campbell

Work for a very large hardware manufacturer doing interesting software!

Updated on September 17, 2022

Comments

  • Campbell
    Campbell over 1 year

    I'm attempting to get an FTP client written in perl to transfer files from an IIS 7.5 FTP server using passive mode.

    I've configured the FTP server as per instructions and have also configured Windows Firewall to allow this type of traffic. I have validated that the firewall is behaviong correctly by checking to ensure there are no blocked packets in the logs. I have verified the that FTP control channel is being opened on Port 21.

    I believe the client is being told by IIS which port to connect on for passive mode and IIS is refusing to allow this connection.

    The perl log looks like:

    C:\cygwin\Perl\lib\FMT>perl FTPTest.pl
Net::FTP>>> Net::FTP(2.77)
Net::FTP>>>   Exporter(5.64_01)
Net::FTP>>>   Net::Cmd(2.29)
Net::FTP>>>   IO::Socket::INET(1.31)
Net::FTP>>>     IO::Socket(1.31)
Net::FTP>>>       IO::Handle(1.28)
Net::FTP=GLOB(0x20abac0)<<< 220 Microsoft FTP Service
Net::FTP=GLOB(0x20abac0)>>> USER ftpuser
Net::FTP=GLOB(0x20abac0)<<< 331 Password required for ftpuser.
Net::FTP=GLOB(0x20abac0)>>> PASS ....
Net::FTP=GLOB(0x20abac0)<<< 230 User logged in.
Net::FTP=GLOB(0x20abac0)>>> CWD /Logs
Net::FTP=GLOB(0x20abac0)<<< 250 CWD command successful.
Net::FTP=GLOB(0x20abac0)>>> PASV
Net::FTP=GLOB(0x20abac0)<<< 227 Entering Passive Mode (xx,xxx,xxx,xxx,160,41).
Net::FTP=GLOB(0x20abac0)>>> RETR filename.txt
Can't use an undefined value as a symbol reference at C:/Utilities/strawberryper
l/perl/lib/Net/FTP/dataconn.pm line 54.

    IIS logs look as follows:

    2010-10-02 17:40:06 xx.xxx.xx.xx - yy.y.yy.yy ControlChannelOpened - - 0 0 27a48c9b-9dce-4770-8bcf-fc89f2569b1a - -
2010-10-02 17:40:06 xx.xxx.xx.xx - yy.y.yy.yy USER ftpuser 331 0 0 27a48c9b-9dce-4770-8bcf-fc89f2569b1a - -
2010-10-02 17:40:06 xx.xxx.xx.xx MACHINENAME\ftpuser yy.y.yy.yy PASS *** 230 0 0 27a48c9b-9dce-4770-8bcf-fc89f2569b1a / -
2010-10-02 17:40:06 xx.xxx.xx.xx MACHINENAME\ftpuser yy.y.yy.yy CWD /Logs 250 0 0 27a48c9b-9dce-4770-8bcf-fc89f2569b1a /Logs -
2010-10-02 17:40:06 xx.xxx.xx.xx MACHINENAME\ftpuser yy.y.yy.yy PASV - 227 0 0 27a48c9b-9dce-4770-8bcf-fc89f2569b1a - -
2010-10-02 17:40:27 - MACHINENAME\ftpuser zz.z.zz.zzz 41001 DataChannelClosed - - 64 0 27a48c9b-9dce-4770-8bcf-fc89f2569b1a - -
2010-10-02 17:40:27 xx.xxx.xx.xx MACHINENAME\ftpuser yy.y.yy.yy ControlChannelClosed - - 64 0 27a48c9b-9dce-4770-8bcf-fc89f2569b1a - -
2010-10-02 17:40:27 xx.xxx.xx.xx MACHINENAME\ftpuser yy.y.yy.yy RETR filename.txt 550 1236 0 27a48c9b-9dce-4770-8bcf-fc89f2569b1a filename.txt -

    We've managed to see this issue with other FTP clients also, I don't think its something funny in Perl. I've been informed that this works fine in the IIS 6 FTP server. I'm wondering if there is something we're missing here.

    • Coding Gorilla
      Coding Gorilla over 12 years
      Can you provide any other details from the "other FTP clients"? The error you posted doesn't seem (although maybe PERL just isn't handling it well) to be an FTP error per-se. But a real FTP client log might shed more light on it.
  • Coding Gorilla
    Coding Gorilla over 12 years
    The: 227 Entering Passive Mode (xx,xxx,xxx,xxx,160,41). line indicates that IIS actually entered passive mode and was waiting for a passive FTP connection to being, so this isn't the issue.
  • Pedro Perez
    Pedro Perez over 8 years
    Actually I think you're on the right track. You can specify your IP address in IIS. If this FTP server is behind a NAT you'll have to specify the public IP address. Can @Campbell let us know if you see a public or private IP address in the 227 response?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

FTP restrict user access to a specific folder
FTP file upload using perl from local system
PHPMailer loads a while, then gives 500 - Internal server error
Cannot Read Configuration File Because it Exceeds the Maximum File Size
Configure Filezilla FTP Server to Allow Uploads
Problems with FTP file access to VirtualBox guest running Windows 2008 Server R2 x64
Username in the address for an FTP site
Upgrading IIS7 to IIS8
Access to local ftp server by host name or server name instead ip address
Why does localhost not work on Windows Server 2008 R2?