Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    FTP Timeout 1/2 fixed

    Firewalling
    2
    4
    3.9k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      Rich
      last edited by

      FTP works fine from the command prompt which is how I was testing it, but a lot of our clients us IE for FTP. It doesn't work this way still. They can log in, but it times out when trying to list the files, or try to go straight to a file and download it.

      I found a fix. In Internet Explorer, turn off passive ftp under options – advanced. In FireFox, downlod FireFTP and turn off passive.

      1 Reply Last reply Reply Quote 0
      • S
        sullrich
        last edited by

        You really should not need to do this.  Please describe your setup in more detail.  If your using nat please search the forum as the FTP subject comes up more then it really should.

        1 Reply Last reply Reply Quote 0
        • R
          Rich
          last edited by

          Setup:

          Class c of routable IP's on LAN. NAT disabled. FTP helper disabled on both WAN and LAN. Ports 20 and 21 open. Annonymous access disabled. On a 10 mb metro ethernet connected to an OC-3 ring.

          In passive mode, I can log in, but I can't list or access any files or folders. From command line FTP, everything works. From IE with passive disabled, or FireFox with FireFTP and passive disabled, everything works. It's the same behind a Belkin residential router with NAT on a cable modem, a Sonicwall TZ-170 with NAT on a business cable modem, and a Sonicwall 4060 with another class c of routable IPs on a 20 mb metro ethernet connected to an OC-3 ring.

          1 Reply Last reply Reply Quote 0
          • R
            Rich
            last edited by

            I found a fix. For Gene6 FTP server, open ports 50000 - 50100 in pfSense.

            For IIS FTP on 2003 Server enable the direct metabase edit. Then cd\Inetpub\AdminScripts and run adsutil.vbs set /MSFTPSVC/PassivePortRange "5500-5700" and then open the ports in pfSense. Restart the FTP service. You can use whatever high ports you want, not just 5500-5700, they're just an example.

            For IIS FTP on 2000 Server, make sure you have SP4. Use regedt32.exe to locate the key *HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Msftpsvc\Parameters* and add a value named PassivePortRange of type REG_SZ. Edit the entry and type in your port range and open the ports in pfSense. Close the registry editor and restart the FTP service.

            Other FTP server applications should be similar, but I only use and know these well since I'm an MCSE.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.