HPE Community
Operating System - OpenVMS
1752421 Members
5691 Online
108788 Solutions
New Discussion юеВ

Re: ftp question

 
tim lloyd_1
Frequent Advisor

тАО05-25-2010 02:20 PM

тАО05-25-2010 02:20 PM

ftp question

Hi, I support an Itanium system running VMS 7.2. The controlling node currently uses FTP to copy configuration data to slave nodes (there are 4 linked computers running identical software on VMS7.2).

It also uses FTP to warehouse files to a 3rd party computer.

Recently the customer swapped around the computer used as the controlling node. The FTP job to the slave nodes still works however the FTP to the 3rd party computer encounters -

%FTP-E-NETERR, I/O error on network device
-SYSTEM-F-REJECT, connect to network object rejected

I can ping the 3rd party computer. Is there another step required on VMS to allow FTP access?
0 Kudos
Reply
8 REPLIES 8
Jon Pinkley
Honored Contributor

тАО05-25-2010 02:48 PM

тАО05-25-2010 02:48 PM

Re: ftp question

"Recently the customer swapped around the computer used as the controlling node."

Did this change the ip address? If so, perhaps the 3rd party computer is only allowing specific ip addresses to connect to its ftp server.

Jon
it depends
0 Kudos
Reply
John Gillings
Honored Contributor

тАО05-25-2010 02:50 PM

тАО05-25-2010 02:50 PM

Re: ftp question

REJECT usually means the protocol isn't recognised on the target system, or the target system doesn't want to let you in. The diagnosis needs to be done on the target system. Think about it, if you're being attacked you don't want to give away too much information to the attacker.

See HELP/MESSAGE REJECT

REJECT, connect to network object rejected

Facility: SYSTEM, System Services

Explanation: A request to connect to an object at a remote node failed for
one of the following reasons:

o The object requested does not exist.

o The access control information specified is invalid.

o The partner NSP has no resources.

o The partner task exited during the connect sequence.

o The partner task rejected the connect.


User Action: Determine which reason caused the failure and try to correct
the condition.
A crucible of informative mistakes
0 Kudos
Reply
tim lloyd_1
Frequent Advisor

тАО05-25-2010 02:53 PM

тАО05-25-2010 02:53 PM

Re: ftp question

Hi Jon. Yes, this change meant a different IP address for the controlling computer. I believe they have added the new address to their router but I am not sure whether they have a specific FTP server. I will take this up with them. Many Thanks
0 Kudos
Reply
tim lloyd_1
Frequent Advisor

тАО05-25-2010 02:56 PM

тАО05-25-2010 02:56 PM

Re: ftp question

and thanks John. I will work through this checklist with the customer.
0 Kudos
Reply
Andy Bustamante
Honored Contributor

тАО05-25-2010 04:43 PM

тАО05-25-2010 04:43 PM

Re: ftp question

I'd follow up on Jon's point. If the source address has changed, you need to ensure routing, firewall rules at source and destination, and target host configuration all allow FTP. FTP traffic, especially the default active FTP, can be very sensitive to network access configurations.

Andy Bustamante
If you don't have time to do it right, when will you have time to do it over? Reach me at first_name + "." + last_name at sysmanager net
0 Kudos
Reply
P Muralidhar Kini
Honored Contributor

тАО05-25-2010 05:27 PM

тАО05-25-2010 05:27 PM

Re: ftp question

Hi Tim,

In case FTP is disabled on the 3rd party computer then any request to FTP
to that machine will result in
%TCPIP-E-FTP_NETERR, I/O error on network device
-SYSTEM-F-REJECT, connect to network object rejected

Check whether the FTP service is enabled on the 3rd party computer
$@sys$startup:tcpip$config
-> FTP Client
-> FTP Server

If the FTP service is enabled then the problem may be that the 3rd party
computer is not accepting the connections from the controlling node.

Regards,
Murali
Let There Be Rock - AC/DC
0 Kudos
Reply
Steven Schweda
Honored Contributor

тАО05-25-2010 07:43 PM

тАО05-25-2010 07:43 PM

Re: ftp question

> In case FTP is disabled on the 3rd party
> computer [...]

That's where I'd start. "SYSTEM-F-REJECT"
corresponds to "connection refused" in
UNIX-land. It may be possible to get that
from a clever firewall, but the usual
explanation is that there's no FTP server
running/configured on the server system.

Trying to contact the FTP server from that
same system would tend to evade most firewall
restrictions.


> I can ping the 3rd party computer. [...]

Not a routing problem then.
0 Kudos
Reply
labadie_1
Honored Contributor

тАО05-25-2010 10:57 PM

тАО05-25-2010 10:57 PM

Re: ftp question

Hi Tim

>>> support an Itanium system running VMS 7.2

Humm
IMHO, either an Alpha system with VMS 7.2 or an Itanium with VMS 8.2
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.