HPE Community
Operating System - HP-UX
1833777 Members
2486 Online
110063 Solutions
New Discussion

Re: FTP passive mode to hpux 10.20 over VPN

 
mohammad hajahmad
Occasional Advisor

‎11-27-2002 12:17 AM

‎11-27-2002 12:17 AM

FTP passive mode to hpux 10.20 over VPN


We are shifting some of our clients to ftp to our sever "hpux 10.20" over a VPN connection. They login fine, but when they try to view thier files, they can't. When we do ls over this connection, the process halts. following is a screen shot of the log:

--------------------------------------------


331 User name okay, need password.
PASS (hidden)
230-User logged in, proceed.
Current Default Relationship - Recv: VLINE APRF: *BINARY
Get option: single
230
SYST
215 UNIX Type: L8 GEIS Enterprise 6.0
Host type (2): UNIX (standard)
FEAT
500 Syntax error, command unrecognised.
PWD
200-Command Okay.
ID: VLINE, Current TR - Recv: VLINE, APRF: *BINARY, Dir: S.
Get option: single.
200
MLST
500 Syntax error, command unrecognised.
PWD
200-Command Okay.
ID: VLINE, Current TR - Recv: VLINE, APRF: *BINARY, Dir: S.
Get option: single.
200
MLST
500 Syntax error, command unrecognised.
TYPE A
200 TYPE set to A
PASV
500 Syntax error, command unrecognised.

XPSV
500 Syntax error, command unrecognised.

PORT 212,71,32,120,5,71
200 Command Okay.
LIST
150 Opening data connection for transfer.
--------------------------------------------

It cant display the files. I have installed the cumulitave FTP patch PHNE_23948 but it's still the same. Do I have to enable anything on that particulare port that the client is connecting to? By the way when I do FTP over the LAN it works fine but not over the VPN.

Have you come cross such a problem? hints ...
Thanks
Moh
0 Kudos
Reply
19 REPLIES 19
U.SivaKumar_2
Honored Contributor

‎11-27-2002 12:20 AM

‎11-27-2002 12:20 AM

Re: FTP passive mode to hpux 10.20 over VPN

Hi,

Which FTP server are you using ? Have you enabled passsive FTP option in that ?

regards,
U.SivaKumar
Innovations are made when conventions are broken
0 Kudos
Reply
mohammad hajahmad
Occasional Advisor

‎11-27-2002 12:25 AM

‎11-27-2002 12:25 AM

Re: FTP passive mode to hpux 10.20 over VPN


Thanks U.SivaKumar,

I'm using WSFTP server and the passive mode is checked.

Moh
0 Kudos
Reply
U.SivaKumar_2
Honored Contributor

‎11-27-2002 12:27 AM

‎11-27-2002 12:27 AM

Re: FTP passive mode to hpux 10.20 over VPN

Do you have any VPN firewall in your setup ?
Have you checked logs of the firewall when doing FTP ?

regards,
U.SivaKumar
Innovations are made when conventions are broken
0 Kudos
Reply
U.SivaKumar_2
Honored Contributor

‎11-27-2002 12:29 AM

‎11-27-2002 12:29 AM

Re: FTP passive mode to hpux 10.20 over VPN

Do you have any VPN firewall in your setup ?
Have you checked logs of the firewall when doing FTP ?

Also which FTP client are you using ( command line ? )
Try with WS_FTP client with passive option ticked does the problem come now ?
regards,
U.SivaKumar
Innovations are made when conventions are broken
0 Kudos
Reply
mohammad hajahmad
Occasional Advisor

‎11-27-2002 12:33 AM

‎11-27-2002 12:33 AM

Re: FTP passive mode to hpux 10.20 over VPN


I didn't specify any VPN firewall in the setup. Vo logs to check ?

Regards,
Moh
Moh
0 Kudos
Reply
U.SivaKumar_2
Honored Contributor

‎11-27-2002 12:39 AM

‎11-27-2002 12:39 AM

Re: FTP passive mode to hpux 10.20 over VPN

Hi,

can you paste your /etc/ftpaccess ?

regards,
U.SivaKumar
Innovations are made when conventions are broken
0 Kudos
Reply
mohammad hajahmad
Occasional Advisor

‎11-27-2002 12:39 AM

‎11-27-2002 12:39 AM

Re: FTP passive mode to hpux 10.20 over VPN


The client server I'm using is WS_FTP and the passive mode is check. I thought that what you asked for at the biginning. so the answer for your first q. " what is my FTP server" is the unix ftp server. How would I enable the passive mode for that?? I think this is were the problem is.

Regards,
Moh
Moh
0 Kudos
Reply
U.SivaKumar_2
Honored Contributor

‎11-27-2002 12:44 AM

‎11-27-2002 12:44 AM

Re: FTP passive mode to hpux 10.20 over VPN

Hi,

WS_FTP server is running in HP-UX Server . AM I right ?

Which is the client machine ?

windows 2000 or windows 98 ?


how are you connecting to FTP server using
ftp command or any oher GUI client ?

Have you tried disbaling passive FTP option

regards,
U.SivaKumar
Innovations are made when conventions are broken
0 Kudos
Reply
mohammad hajahmad
Occasional Advisor

‎11-27-2002 12:48 AM

‎11-27-2002 12:48 AM

Re: FTP passive mode to hpux 10.20 over VPN


This file is not under /etc it's under /usr/local/etc/

------------------------------------

# uname -a
HP-UX samgeA B.10.20 E 9000/809 13338382 8-user license
# find / -name *ftpaccess*
/usr/local/etc/ftpaccess
# more /usr/local/etc/ftpaccess

class all real,guest,anonymous *

limit all 10 Any /etc/msgs/msg.dead

readme README* login
readme README* cwd=*

message /welcome.msg login
message .message cwd=*

compress yes local remote
tar yes local remote

log commands real
log transfers anonymous,real inbound,outbound

shutdown /etc/shutmsg

email user@hostname
#

-----------------------------------------

Regards,
Moh
Moh
0 Kudos
Reply
U.SivaKumar_2
Honored Contributor

‎11-27-2002 12:52 AM

‎11-27-2002 12:52 AM

Re: FTP passive mode to hpux 10.20 over VPN

Have you tried without passive mode option ?
Innovations are made when conventions are broken
0 Kudos
Reply
mohammad hajahmad
Occasional Advisor

‎11-27-2002 12:57 AM

‎11-27-2002 12:57 AM

Re: FTP passive mode to hpux 10.20 over VPN


You see, I'm simulating what the client will face from his end. I have the unix server and I'am using SW_FTP client software from a Windows 2000 PC to login. I tried it at the beginning with out passive mode and it was giving the same status as when using passive mode.

Regards,
MOh
Moh
0 Kudos
Reply
U.SivaKumar_2
Honored Contributor

‎11-27-2002 01:03 AM

‎11-27-2002 01:03 AM

Re: FTP passive mode to hpux 10.20 over VPN

Hi,


Put these lines in /usr/local/etc/ftpaccess

passive ports 0.0.0.0/0 65500 65534
passive address

Restart the ftpd service.

Try again with same client with passive option clicked.

regards,

U.SivaKumar
Innovations are made when conventions are broken
0 Kudos
Reply
mohammad hajahmad
Occasional Advisor

‎11-27-2002 01:12 AM

‎11-27-2002 01:12 AM

Re: FTP passive mode to hpux 10.20 over VPN


For the two lines,

passive ports 0.0.0.0/0 65500 65534
passive address

you mean the unix server ip address!

and for the first line a keep it like you wrote it

passive ports 0.0.0.0/0 65500 65534

what is it suppose to do?

Regards,
Mohammad
Moh
0 Kudos
Reply
U.SivaKumar_2
Honored Contributor

‎11-27-2002 01:26 AM

‎11-27-2002 01:26 AM

Re: FTP passive mode to hpux 10.20 over VPN

passive ports 0.0.0.0/0 65500 65534
passive address

here public ip address should the address which the FTP client ( windows 2000 ) uses to connect the FTP server ( HP-UX server's ip address if no NAT is done ).

passive ports options sets the port range to higher order for passive FTP to use.

regards,
U.SivaKumar
Innovations are made when conventions are broken
0 Kudos
Reply
mohammad hajahmad
Occasional Advisor

‎11-27-2002 01:38 AM

‎11-27-2002 01:38 AM

Re: FTP passive mode to hpux 10.20 over VPN



Hi,

For,

Passive address

Will it change my whole ip address to be passive? I'm giving the client a port that's customized to login to a specific application; it's not the generic ftp port numbers 20 & 21.

If incase we did this change and it affected something we always can come back and comment those two files and go back as it was?


Regards,
Mohammad
Moh
0 Kudos
Reply
U.SivaKumar_2
Honored Contributor

‎11-27-2002 01:50 AM

‎11-27-2002 01:50 AM

Re: FTP passive mode to hpux 10.20 over VPN

The client will be given that ip address for passive FTP only. There is no other issue changing that.

you can take a copy of ftpaccess befor edoing anything . you can always revert

regards,
U.SivaKumar
Innovations are made when conventions are broken
0 Kudos
Reply
mohammad hajahmad
Occasional Advisor

‎11-27-2002 03:42 AM

‎11-27-2002 03:42 AM

Re: FTP passive mode to hpux 10.20 over VPN



Hi for my ftpd ...

I have the following:

--------------------------------------------

# ps -ef|grep ftp
ediswit 15386 1 0 Oct 27 ? 0:00 entftps -c FTPctrl -e stnetr -s
Parser -p FTPdata
ediswit 15316 1 0 Oct 27 ? 0:00 ftp_bridge -e CFTPBRIDGE
root 21890 21616 0 14:43:05 ttyp3 0:00 grep ftp
#

---------------------------------------------

Could you let me know how exactlly to stop and start the daimon? I forgot the exact comand




Moh
0 Kudos
Reply
Michael Burbury
Frequent Advisor

‎12-01-2002 03:28 PM

‎12-01-2002 03:28 PM

Re: FTP passive mode to hpux 10.20 over VPN

Hi all,

My name is Michael Burbury from GXS Australia. This FTP server you are running is tyhe GE GXS Enterprise application and cannot do PASV FTP, only Active FTP.

There is no PASV FTP for the GXS Enterprise application.

In you VPN configuration, you must specify the connection may be made in both directions, you may not use a Proxy or port mapper and I have only found it to work via a dial-up connection to the Internet using CheckPoint Secure Remote software.

For support on the GXS Enterprise application, please visit www.gxs.com and click on Support Services, this is NOT a HP product and HP would not be able to support you.

Best Regards,

Michael Burbury
GE GXS Australia.
0 Kudos
Reply
mohammad hajahmad
Occasional Advisor

‎12-02-2002 11:23 PM

‎12-02-2002 11:23 PM

Re: FTP passive mode to hpux 10.20 over VPN

Hi Mike,

Thank you for the reply, so you came cross the same problem? I have got a feedback from our GXS colleague in Europe and he told me the same thing "ENT doesn???t support PASV FTP yet" but without any farther action. So you are telling me that there is a way to do it from VPN configuration? I will send an email to your GXS email address if you can help me on this problem.

Note: "by the way they told us to stop using the GE in front of GXS I don't know if that is valid in Australia ..."
B. Regards,
Mohammad
Moh
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.