Allow clients access to internet ftps sites

I have a client that says he is trying to access a secure ftp service using port 990. The user gets these command responces. I have removed site addresses and usernames etc. at users request for security.

R=E9ponse : 220 Welcome to XFB Gateway FTP server Commande : XXXXXXXX R=E9ponse : 331 Send password please Commande : PASS XXXXXX R=E9ponse : 230 User logged in, proceed Commande : FEAT R=E9ponse : 211-Extensions supported R=E9ponse : 211- SIZE R=E9ponse : 211- MDTM R=E9ponse : 211- AUTH TLS R=E9ponse : 211- PBSZ R=E9ponse : 211- PROT R=E9ponse : 211 End of feat command response Commande : SYST R=E9ponse : 215 UNIX XFB/UNIX Commande : PBSZ 0 R=E9ponse : 503 Bad sequence of command Commande : PROT P R=E9ponse : 503 Bad sequence of command Etat : Connect=E9[English] state : Connecetd Etat : R=E9cup=E9ration de la liste de r=E9pertoires...[English] getting folders list Commande : PWD R=E9ponse : 257 "/" is current directory. Commande : TYPE A R=E9ponse : 200 Command okay Commande : PASV R=E9ponse : 227 Entering passive mode (xxx,xxx,xxx,xxx,xxx,xxx). Commande : LIST Erreur : Inactivit=E9 d=E9tect=E9e ![ENGLISH] Inactivity detected Erreur : N'a pas pu r=E9cup=E9rer la liste du r=E9pertoire[ENGLISH] Can't get folders list

The 227 Entering passive mode (xxx,xxx,xxx,xxx,xxx,xxx) thwe first four decimal numbers appear to be the IP address of the destination server I do not know what the following 2 sets of numbers are unless they make up an IP v 6 address

The firewall is a PIX-525 running 6.3(5) OS

I don't have any ports blocked for outgoing traffic.

I do have fixup protocol ftp 21

I have limited expertise in this as I am covering for our usual network engineer, but need to try and resolve this problem as soon as possible.

Thanks to anyone who can point me in the right direction to fix this,

Marcus.

Reply to
marcus
Loading thread data ...

The two numbers together represent one 16 bit port number, 8 bits in each one.

Try having the client use active ftp instead of passive.

Reply to
Walter Roberson

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.