ftp command fails, what could be causing it?

Freejack2

Diamond Member
Dec 31, 2000
7,751
8
81
This is driving me crazy for work.
I have a server at a customer site that is trying to do a nightly update from my employers ftp site. I can log into the ftp site and upload and download using a program like wsftp le but when the nightly update program does it's restget command it fails.

No changes have been made to the system but the customer installed a new cisco router. The error we're getting is this.

------
4/18/2005 10:07:44 AM - FTP Host Name Set To: ftp1.companyname.com
4/18/2005 10:07:49 AM - FTP Request : Connect
4/18/2005 10:07:50 AM - FTP Returned : 230 User logged in, proceed.
4/18/2005 10:07:50 AM - ***GetFTPServerOnlineStatus
4/18/2005 10:07:50 AM - ***GetFileInfo
4/18/2005 10:07:50 AM - FTP Request : cwd
4/18/2005 10:07:50 AM - FTP Returned : 250 Directory changed to /d:/Download/Control
4/18/2005 10:07:50 AM - FTP Request : Dir d:\download\Control\ServerControl.ini D:\companyname\filesize.dir
4/18/2005 10:09:19 AM - Downloading d:\download\Control\ServerControl.ini
4/18/2005 10:09:19 AM - FTP Request : RestGet ServerControl.ini D:\companyname\Update\ServerControl.ini
4/18/2005 10:09:19 AM - FTP Error : (426)

4/18/2005 10:09:19 AM - Appending Company Name Usage Log Server File
4/18/2005 10:09:19 AM - FTP Request : cwd ServerControl.ini D:\companyname\Update\ServerControl.ini
4/18/2005 10:10:05 AM - Appending Update Log Msg Server File
4/18/2005 10:10:05 AM - ***AppendUpdateMsgLogFile
4/18/2005 10:10:05 AM - FTP Request : cwd ServerControl.ini D:\companyname\Update\ServerControl.ini
4/18/2005 10:10:51 AM - Receiving File Information
4/18/2005 10:10:51 AM - ***GetFileInfo
4/18/2005 10:10:51 AM - FTP Request : cwd ServerControl.ini D:\companyname\Update\ServerControl.ini

------
I'm told the 426 error means ports aren't open. However I'm told by the people who support the router that no outbound traffic is blocked. Only inbound.
I'm told that the restget is where my company's ftp server is requesting a file from the server at the customer's site.

Does anyone have any ideas as to why the restget is failing?
 

randal

Golden Member
Jun 3, 2001
1,890
0
71
Well, FTP is a bastard protocol that uses a total of four ports:

Active FTP:
1. client(>1024) -> server(21)
2. Client & server negotiate next $PORT above 1024
3. server(20) -> client($PORT)

PassiveFTP
1. client(>1024) -> server(21)
2. Client & server negotiate next $PORT above 1024
3. client(>1024) -> server($PORT)

The problem is that you are connecting to ports above 1024 that are totally random -- you have no way of knowing what ports to firewall and which to permit. With that being said, if they have a new cisco router, they may be filtering ports inadvertently; consequently, you may try using `passive ftp` ... basically, right after your script logs you in, issue the word "PASV"; this will invoke a passive FTP connection, which is easier on firewalls.

Or you could do it the right way and use scp :)
 

Freejack2

Diamond Member
Dec 31, 2000
7,751
8
81
Hmm, another thing to pass on to them. They are already using passive ftp, as a matter of fact active ftp does not work at all.
Thanks.