This relates to: https://www.finalbuilder.com/Support/Forums/aft/12850.aspx
It appears to us that the “passive” option on ftp is either:
- not working (e.g. the connection is active even when this is checked)
or
- broken in some other way
Please advise. This is blocking a major implementation.
Thanks!
UPDATE: The problem was networking, not FB.
On the XP box running FB6, active FTP worked fine (our firewall does the whole fixup nicely for active FTP)
We move to win7… and active ftp breaks due to the windows firewall. // we did not realize this until rather late in the game
But passive should work… right?
Wrong.
Testing: Using filezilla client set to passive, we could not do file IO to the ftp server. (We have now recreated the FB ftp problem in filezilla.)
We attack this issue and solve it. (Involves setting filezilla ftp server to use specific port range for passive ftp, and then ALSO making sure this port range is open both on firewall in front of FTP server AND on firewall in front of FTP client.)
So now filezilla client works in passive!
Done?
Nope. FB passive still does not work.
Why?
Filezilla client has brains that FB ftp client lacks. In the FTP passive protocol, the ftp server provides a server address in response to the PASV command received from the client. By default, this is the IP the ftp server software sees itself attached to (e.g. the nic IP). In the current era, this is always a private, unroutable IP address…
Now the delta between Filezilla client and FB:
Filezilla client sees that private, unroutable IP and says (you can see it in the filezilla log): Hey, that is unroutable! Here is a snip from the filezilla client log:
[code]Command:PASVResponse:227 Entering Passive Mode (10,80,17,83,195,87)Status:Server sent passive reply with unroutable address. Using server address instead. [/code]
That last step is not done by the FB ftp client.
It is fixable… with another tweak to the ftp server (using filezilla ftp server in this case). On the ftp server, in “passive mode settings” you can set the ftp server to provide the public IP it is behind in the response to the PASV command.
Some of what we did is described here: http://www.codepal.co.uk/show/FTPES_fails_in_FileZilla_on_MLSD_command_with_Error_425
The rest is described above.
What fun!