I am trying to set up an FTPS server using IIS 7.5 so a vendor can post large files to our servers. I have installed everything and it seems to be working from my point of view. I have installed Core FTP and FileZilla on my PC and I am able to log in and transfer files. However, when my vendor logs in they are having some issues that I can figure out. Windows firewall is turned off and the public firewall is doing a port forward. I am going to post his email.
I first did a test to replicate your symptoms. It timed out after five minutes. I increased the time out value to ten minutes (600 seconds). I got a response from that server after three minutes which reset the timer but it timed out after ten minutes. Then I looked closer at the server messages. Their PASV message contains their public IP address (x.x.x.x) and the port is in the range they specify (49152-65535). Everything is fine so far.
However, the server message received to both a Passive and Active mode is the same. We should be getting an immediate reply code (125) stating the listing has started.
I did a packet trace which shows the mainframe sends out the data channel connection attempt (SYN packet) six times but never gets a response (SYN ACK packet) before it times out.
I do not know if their firewall is blocking the data channel connection attempt or their server isn’t responding or if its response is not making it back through their firewall. With the 150 message indicating it is trying to connect to us as if this were Active mode, the server may not be operating properly.
Set timer value to ten minutes (default is five)
ftp -x -r tls url.url.com (ti 600
get logged in fine and data channel is set to secure. Do ls (list) which works the same as a GET
locsite FWF set Passive mode
EZA1460I Command:
ls
EZA1701I >>> PASV
227 Entering Passive Mode (x,x,x,x,194,218). Public IP x.x.x.x and port 194x256+218=49882
EZA1701I >>> NLST
150 Opening ASCII mode data connection. received after three minutes which resets timer. BUT.. see Active mode below
*** 10 minutes pass ***
EZA2589E Connection to server interrupted or timed out. Waiting for reply
EZA1721W Server not responding, closing connection.
EZA1460I Command:
However, when I use Active mode
ls
EZA1701I >>> PORT 166,37,192,3,168,200
200 PORT command successful.
EZA1701s >>> NLST
150 Opening ASCII mode data connection same server message
EZA2589E Connection to server interrupted or timed out. Waiting for data connection
550
EZA1460I Command:
quit
EZA1701I >>> QUIT
221 Goodbye.
READY
Secure Passive FTP connection from OZZ2 to OPS1:
ls
EZA1701I >>> PASV
227 Entering Passive Mode (166,37,128,66,10,109)
EZA1701I >>> NLST
125 List started OK should be getting something like this back
EZA2284I BRODCAST.LIST
EZA2284I FTP.ROLL.OBEY1
EZA2284I FTP.TEST.BATCH
EZA2284I FTP.TEST.FIFTY
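The following is an added example, not part of the original post or the vendor's email: it decodes the address and port tuples in 227 replies and PORT commands as the email does by hand (p1 x 256 + p2), checks passive ports against the 49152-65535 range quoted above, and flags RFC 1918 addresses, which a firewall cannot rewrite once the control channel is encrypted. The sample address 203.0.113.10, the misconfigured last sample line, and the function names are assumptions made for illustration.

```python
import ipaddress
import re

# Constructed sample modeled on the transcript above. The masked x,x,x,x
# address is replaced by 203.0.113.10 (documentation range); the last line
# is a constructed misconfiguration where the server advertises a LAN address.
SAMPLE = """\
227 Entering Passive Mode (203,0,113,10,194,218).
EZA1701I >>> PORT 166,37,192,3,168,200
200 PORT command successful.
227 Entering Passive Mode (192,168,1,20,10,109)
"""

TUPLE = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def decode_endpoint(line):
    """Return (kind, ip, port) for a 227 reply or PORT command, else None."""
    kind = "PASV" if line.startswith("227 ") else "PORT" if "PORT " in line else None
    m = TUPLE.search(line)
    if kind is None or m is None:
        return None
    n = [int(g) for g in m.groups()]
    if max(n) > 255:
        return None
    # Port is the last two octets: p1 * 256 + p2, as computed in the email.
    return kind, ".".join(map(str, n[:4])), n[4] * 256 + n[5]

def audit(transcript, lo=49152, hi=65535):
    """Decode every data-channel endpoint and note what to check on the firewall."""
    findings = []
    for line in transcript.splitlines():
        ep = decode_endpoint(line)
        if ep is None:
            continue
        kind, ip, port = ep
        notes = []
        if any(ipaddress.ip_address(ip) in net for net in RFC1918):
            notes.append("RFC 1918 address advertised")
        if kind == "PASV" and not lo <= port <= hi:
            notes.append("port outside passive range")
        findings.append((kind, ip, port, notes))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Each decoded passive port is one the public firewall must forward to the IIS server, and each decoded PORT endpoint is one the server must be able to reach outbound.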