Passive mode for FileZilla FTP isn't working
Solution 1
I suggest you try to locally on the server using Windows' FTP or another installed client. This way you will see if it's network/firewall issue or an issue with the configuration of the FTP server. Also check Filezilla server's log files if the commands.
If it depends on the firewall, here is a TechNet article that could help: How to Configure Windows Firewall for a Passive Mode FTP Server. But you wrote that the Windows firewall is off, so I suppose it is a problem of the external firewall/router (also check the client side).
Solution 2
I had a similar issue, and resolved it by choosing "default" in the "External Server IP Address for passive mode transfers" option in Filezila server settings. In other words, don't enter your public IP address here even if you are on a private address. The reason is that your Firewall may have "FTP inspection" enabled, and it will do the translation of your server private IP address to its public IP address for you. In this case, also enabling this translation in Filezila will cause problems, and the connection will get lost after your client issues the PASV command.
Solution 3
I realize that it might be a change, but the new FTP server in 2008 is very robust and I wound up replacing FileZilla myself with it. You might want to look into it as well.
Related videos on Youtube
10 : 32
![How to Fix- FileZilla Connection Refused TimeOut Error After 20 Seconds [Step by Step]☑️](https://i.ytimg.com/vi/HkQjDEPXiMw/hq720.jpg?sqp=-oaymwEcCNAFEJQDSFXyq4qpAw4IARUAAIhCGAFwAcABBg==&rs=AOn4CLCYnY3iOfn3_h0S22ogxCmId2AKoA)
01 : 57
01 : 07
05 : 58
04 : 52
best
In the 10+ years since graduating from University I found my passion is not to endlessly code but to work with the data to release its value; to help users find the power of the data within systems and to protect and monitor this information extracted from the data, even if it means coding sometimes ;) My Stack profiles contain some unusual questions as well as some very highly rated ones. Somehow Sharepoint, despite being rarely used daily, is my best performing site which mirrors the varied nature of my working career. Primary interests / technologies SQL & SQL Server SSRS and Reporting Data and data management C# and related .Net code Business areas Engineering, Oil & Gas Engineering, Chemical & Manufacturing Startups, Internet & data management SME bespoke .Net development Pubs & license trade, data management Locations I have worked internationally in Europe and the USA, regularly working at client offices but would much prefer remote working where possible.
Updated on September 17, 2022Comments
-
best over 1 year
We have FileZilla server 0.9.37 running on Windows server 2008 R2
Active mode works OK, The Windows firewall on the server is off.
Our Router is a DrayTek vigor 2820. Under NAT, Open Ports, I have opened the following ports for the servers local IP
TCP 20-22, TCP 45100-65535
In FileZilla server, under passive mode settings (I can't post an image so...)
Use the following IP: 213.106.150.123 Don't use external IP from local connections: Checked Use custom port range: 45100-65535From a remote server in Germany which I RDP into I try connecting back to the FileZilla server.
Status: Connecting to 213.106.150.123:21... Status: Connection established, waiting for welcome message... Response: 220 -- Command: USER ftp_001471 Response: 331 Password required for ftp_001471 Command: PASS ******** Response: 230 Logged on Status: Connected Status: Retrieving directory listing... Command: CWD / Response: 250 CWD successful. "/" is current directory. Command: TYPE I Response: 200 Type set to I Command: PASV Response: 227 Entering Passive Mode (213,106,150,123,238,133) Command: MLSD Response: 425 Can't open data connection. Error: Failed to retrieve directory listingThe status window on FileZilla server reports the following
(not logged in) (87.106.131.22)> Connected, sending welcome message... (not logged in) (87.106.131.22)> 220 -- (not logged in) (87.106.131.22)> USER ftp_001471 (not logged in) (87.106.131.22)> 331 Password required for ftp_001471 (not logged in) (87.106.131.22)> PASS ******** ftp_001471 (87.106.131.22)> 230 Logged on ftp_001471 (87.106.131.22)> CWD / ftp_001471 (87.106.131.22)> 250 CWD successful. "/" is current directory. ftp_001471 (87.106.131.22)> TYPE I ftp_001471 (87.106.131.22)> 200 Type set to I ftp_001471 (87.106.131.22)> PASV ftp_001471 (87.106.131.22)> 227 Entering Passive Mode (213,106,150,123,195,197) ftp_001471 (87.106.131.22)> MLSD ftp_001471 (87.106.131.22)> 425 Can't open data connection.If I change the FileZilla passive mode setting from our external IP to Default, I get the following details from the client in Germany trying to connect.
Status: Connecting to 213.106.150.123:21... Status: Connection established, waiting for welcome message... Response: 220 -- Command: USER ftp_001471 Response: 331 Password required for ftp_001471 Command: PASS ******** Response: 230 Logged on Status: Connected Status: Retrieving directory listing... Command: CWD / Response: 250 CWD successful. "/" is current directory. Command: TYPE I Response: 200 Type set to I Command: PASV Response: 227 Entering Passive Mode (213,106,150,123,196,198) Command: MLSD Response: 425 Can't open data connection. Error: Failed to retrieve directory listingAnd the details on the server.
(not logged in) (87.106.131.22)> Connected, sending welcome message... (not logged in) (87.106.131.22)> 220 -- (not logged in) (87.106.131.22)> USER ftp_001471 (not logged in) (87.106.131.22)> 331 Password required for ftp_001471 (not logged in) (87.106.131.22)> PASS ******** ftp_001471 (87.106.131.22)> 230 Logged on ftp_001471 (87.106.131.22)> CWD / ftp_001471 (87.106.131.22)> 250 CWD successful. "/" is current directory. ftp_001471 (87.106.131.22)> TYPE I ftp_001471 (87.106.131.22)> 200 Type set to I ftp_001471 (87.106.131.22)> PASV ftp_001471 (87.106.131.22)> 227 Entering Passive Mode (192,168,1,4,195,198) ftp_001471 (87.106.131.22)> MLSD ftp_001471 (87.106.131.22)> 425 Can't open data connection.What am I doing wrong?
When I specify the external IP the client and server report the same, but the ports get screwed up and when I run with default the server uses its internal IP but the port assignment looks better.
Edit: more testing and its working.
So I installed the FTP server in IIS 7.5, disabled FileZilla and it worked! I then tried re-enabling FileZilla and that too worked! This was all from my home ADSL connection.
I then tried again from our remote server in Germany and it failed, hangs on the directory listing in passive mode for both IIS FTP and FileZilla.
I guess there is something up with the Firewall / router at the data centre in Germany. I don't really want to mess with the remote server router(I'm not even sure I can alter firewall rules as its hosted) I'm worried about corporate customers suffering the same fate when trying to access our FTP sites.
-
best over 13 yearsThanks for the link, I guess it was just more testing I needed
-
simonpa71 over 7 yearsThis solved it for me. My setup uses a Sonicwall firewall, that 1:1 NATs an FTP server on the local network to a public IP. I don't know if it is linked, but this problem appeared after enabling TLS on FileZilla Server. Disabling TLS did not solve it, though.