1. Home
  2. Networking Firewalls
  3. Troubles using WS_FTP Pro with Zone Alarm Pro under XP

Troubles using WS_FTP Pro with Zone Alarm Pro under XP

[This followup was posted to comp.security.firewalls and a copy was sent to the cited author.]

Hi All:

Just rebuilt my machine (i.e., low-level formats on all SCSI drives, complete new, clean install of OS and all apps) and now seem to have trouble accessing FTP sites using WS_FTP Pro v9.01 with Zone Alarm Pro active (v5.5.062) active.

NOTE: I have installed XP's SP2 but have turned off its firewall.

The trouble is that for all sights connecting takes very long, and on one site inparticular, once connected I cannot see any files or directories (I know I'm connected b/c I can see the results in the Connection Log window).

Note: I can open a command-prompt and FTP straight away, i.e., I connect qucikly, get prompted for user & pass and then can move about seeing all dirs & files.

Zone Alarm has been set to "Allow" the WS_FTP Pro client access to the Internet.

If I close Zone Alarm, and then use WS_FTP Pro to coonect, all goes quickly and I can once again see all files & directories.

Any ideas on what to do/try?

Don't want to have ZA closed whenever I FTP, and yet don't want to be forced to use the command-prompt level FTP capabilities.

Thanks

Reply to
List Lurker
Loading thread data ...

This may have something to do with FTP having two modes, passive and active (i think the other is active). Anyway in one of these two mode FTP is a dynamic protocol. It opens one port usually 21 to send commands and another port to send data. It sounds like ZA is allowing the commands port (ie. you are connecting) but not allowing the data port (ie. you cannot see folders, copy files etc). You have two options if this is the case:

  1. Try to find on google how to config ZA for FTP in active mode.
  2. Get your FTP app to connect using Passive mode.

Cheers P.

PS. the commands prompt FTP must use passive mode.

List Lurker wrote:

Reply to
Peter Piper

Ftp protocols are hard to deal with when setting up a firewall. Active FTP and Passive FTP have different requirements. For details, see: Active FTP vs Passive FTP

formatting link
Active FTP connection requirements TCP; remote port 21; local port 1025-5000; outgoing TCP; remote port 20; local port 1025-5000; incoming

Passive FTP connection requirements TCP; remote ports 20,21,1025-65535; local ports 1025-5000; incoming/outgoing.

I have the Active rules enabled all the time. When I can't make an FTP connection, I then go to the firewall and temporarily enable the Passive rule. Seems to me most connection are on Active FTP. Casey

Reply to
Casey

ListLurker:

I've been using ZA free and WS_FTP LE for several years. Because of the firewall, make sure that WS_FTP is set to passive mode.

Good luck,

Steve

Reply to
Steve

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.