Gene6 FTP Server Forum: Data Socket Error: Connection Refused - Gene6 FTP Server Forum

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Data Socket Error: Connection Refused Rate Topic: -----

#1 User is offline   ChrisB 

  • New Member
  • Pip
  • Group: Members
  • Posts: 6
  • Joined: 24-August 07

Posted 24 August 2007 - 10:10 AM

I'm running version 3.9.0 on our central server and using a self-signed Digitial Certificate to use SSL. It was working perfectly yesterday but trying to connect to it today causes my FTP client to report:

CODE
SmartFTP v2.5.1006.26
Resolving host name "xxx"
Connecting to xxx Port: 21
Connected to xxx.
220 Gene6 FTP Server v3.9.0 (Build 2) ready...
AUTH TLS
234 AUTH command ok; starting SSL connection.
Connected. Exchanging encryption keys...
Session Cipher: 128 bit RC4
TLS encrypted session established.
PBSZ 0
200 PBSZ=0
USER xxx
331 Password required for xxx.
PASS (hidden)
230 User xxx logged in.
SYST
215 UNIX Type: L8
Detected Server Type: UNIX
FEAT
211-Extensions supported:
AUTH TLS
CCC
CLNT
CPSV
EPRT
EPSV
MDTM
MFCT
MFMT
MLST type*;size*;create;modify*;
PASV
PBSZ
PROT
REST STREAM
SIZE
SSCN
TVFS
UTF8
XCRC "filename" SP EP
XMD5 "filename" SP EP
XSHA1 "filename" SP EP
211 End.
Detected Server Software: Gene6 FTP Server 3.x
CLNT SmartFTP 2.5.1006
200 Noted.
OPTS UTF8 ON
200 UTF8 OPTS ON
PWD
257 "/" is current directory.
TYPE A
200 Type set to A.
PROT P
200 PROT command successful.
PASV
227 Entering Passive Mode (xxx)
Opening data connection to xxx Port: 41488
MLSD
Connected. Exchanging encryption keys...
SSL/TLS client handshake failed (Error = 0x2746).
An existing connection was forcibly closed by the remote host.
0 bytes transferred. (N/A/s) (0 ms)
425 Cannot open data connection.
Automatic failover of data connection mode from "Passive Mode (PASV)" to "Active Mode (PORT)".
PORT xxx
200 Port command successful.
MLSD
425 Cannot open data connection.


Obviously, this means that I can't be transferring files between machines. The above log is from SmartFTP, which fails all the time. FlashFXP sometimes allows me to navigate the file structure succesfully but it's only a matter of time before it can't maintain the connection.

The FTP log is:

CODE
07/08/24 10:03:32, 14, 192.168.0.1, , new connection from 192.168.0.1 on xxx:21 (Explicit SSL)
07/08/24 10:03:37, 14, 192.168.0.1, , sending welcome message.
07/08/24 10:03:37, 14, 192.168.0.1, , 220 Gene6 FTP Server v3.9.0 (Build 2) ready...
07/08/24 10:03:37, 14, 192.168.0.1, , AUTH TLS
07/08/24 10:03:37, 14, 192.168.0.1, , 234 AUTH command ok; starting SSL connection.
07/08/24 10:03:37, 14, 192.168.0.1, , establishing encrypted session
07/08/24 10:03:37, 14, 192.168.0.1, , PBSZ 0
07/08/24 10:03:37, 14, 192.168.0.1, , 200 PBSZ=0
07/08/24 10:03:37, 14, 192.168.0.1, , USER xxx
07/08/24 10:03:37, 14, 192.168.0.1, xxx, 331 Password required for xxx.
07/08/24 10:03:37, 14, 192.168.0.1, xxx, PASS ****
07/08/24 10:03:37, 14, 192.168.0.1, xxx, logged in as "xxx".
07/08/24 10:03:37, 14, 192.168.0.1, xxx, 230 User xxx logged in.
07/08/24 10:03:37, 14, 192.168.0.1, xxx, SYST
07/08/24 10:03:37, 14, 192.168.0.1, xxx, 215 UNIX Type: L8
07/08/24 10:03:37, 14, 192.168.0.1, xxx, FEAT
07/08/24 10:03:37, 14, 192.168.0.1, xxx, 211-Extensions supported:
07/08/24 10:03:37, 14, 192.168.0.1, xxx,  AUTH TLS
07/08/24 10:03:37, 14, 192.168.0.1, xxx,  CCC
07/08/24 10:03:37, 14, 192.168.0.1, xxx,  CLNT
07/08/24 10:03:37, 14, 192.168.0.1, xxx,  CPSV
07/08/24 10:03:37, 14, 192.168.0.1, xxx,  EPRT
07/08/24 10:03:37, 14, 192.168.0.1, xxx,  EPSV
07/08/24 10:03:37, 14, 192.168.0.1, xxx,  MDTM
07/08/24 10:03:37, 14, 192.168.0.1, xxx,  MFCT
07/08/24 10:03:37, 14, 192.168.0.1, xxx,  MFMT
07/08/24 10:03:37, 14, 192.168.0.1, xxx,  MLST type*;size*;create;modify*;
07/08/24 10:03:37, 14, 192.168.0.1, xxx,  PASV
07/08/24 10:03:37, 14, 192.168.0.1, xxx,  PBSZ
07/08/24 10:03:37, 14, 192.168.0.1, xxx,  PROT
07/08/24 10:03:37, 14, 192.168.0.1, xxx,  REST STREAM
07/08/24 10:03:37, 14, 192.168.0.1, xxx,  SIZE
07/08/24 10:03:37, 14, 192.168.0.1, xxx,  SSCN
07/08/24 10:03:37, 14, 192.168.0.1, xxx,  TVFS
07/08/24 10:03:37, 14, 192.168.0.1, xxx,  UTF8
07/08/24 10:03:37, 14, 192.168.0.1, xxx,  XCRC "filename" SP EP
07/08/24 10:03:37, 14, 192.168.0.1, xxx,  XMD5 "filename" SP EP
07/08/24 10:03:37, 14, 192.168.0.1, xxx,  XSHA1 "filename" SP EP
07/08/24 10:03:37, 14, 192.168.0.1, xxx, 211 End.
07/08/24 10:03:37, 14, 192.168.0.1, xxx, CLNT SmartFTP 2.5.1006
07/08/24 10:03:37, 14, 192.168.0.1, xxx, 200 Noted.
07/08/24 10:03:37, 14, 192.168.0.1, xxx, OPTS UTF8 ON
07/08/24 10:03:37, 14, 192.168.0.1, xxx, 200 UTF8 OPTS ON
07/08/24 10:03:37, 14, 192.168.0.1, xxx, PWD
07/08/24 10:03:37, 14, 192.168.0.1, xxx, 257 "/" is current directory.
07/08/24 10:03:37, 14, 192.168.0.1, xxx, TYPE A
07/08/24 10:03:37, 14, 192.168.0.1, xxx, 200 Type set to A.
07/08/24 10:03:37, 14, 192.168.0.1, xxx, PROT P
07/08/24 10:03:37, 14, 192.168.0.1, xxx, 200 PROT command successful.
07/08/24 10:03:37, 14, 192.168.0.1, xxx, PASV
07/08/24 10:03:37, 14, 192.168.0.1, xxx, 227 Entering Passive Mode (xxx)
07/08/24 10:03:37, 14, 192.168.0.1, xxx, MLSD
07/08/24 10:03:37, 14, 192.168.0.1, xxx, 425 Cannot open data connection.
07/08/24 10:03:37, 14, 192.168.0.1, xxx, PORT xxx
07/08/24 10:03:37, 14, 192.168.0.1, xxx, 200 Port command successful.
07/08/24 10:03:37, 14, 192.168.0.1, xxx, MLSD
07/08/24 10:03:37, 14, 192.168.0.1, xxx, 425 Cannot open data connection.


Can anyone suggest why this might be happening?

Thanks,
Chris.
0

#2 User is offline   Nabla 

  • Confirmed Member
  • Group: Registered Users
  • Posts: 454
  • Joined: 31-August 05
  • Location:En France

Posted 24 August 2007 - 04:47 PM

Maybe try http://www.g6ftpserver.com/ftptest it has some debug info that can be useful to see what is wrong.
Errors are the best teachers.
0

#3 User is offline   Boost 

  • Addicted Member
  • Group: Experts
  • Posts: 1383
  • Joined: 16-August 04
  • Gender:Male
  • Location:Denmark

Posted 24 August 2007 - 06:04 PM

What passive mode ports are you using ?
You have edited out the ports part in the log.
CODE
07/08/24 10:03:37, 14, 192.168.0.1, xxx, 227 Entering Passive Mode (xxx)
07/08/24 10:03:37, 14, 192.168.0.1, xxx, MLSD
07/08/24 10:03:37, 14, 192.168.0.1, xxx, 425 Cannot open data connection.

It sounds like the ports are not open. However I cannot see which port it tried to use, as you edited it out.
It's okay to edit out the IP, but leave the ports so we can see if they are the right ones.
0

#4 User is offline   Ken Robertson 

  • New Member
  • Group: Registered Users
  • Posts: 1
  • Joined: 06-June 06

Posted 26 August 2007 - 05:45 PM

I am having the same issue. Using v3.9.0 with SyncBackSE v4.2.4.0

07/08/26 09:39:09, 2, xxx, ken, CWD /photos/
07/08/26 09:39:09, 2, xxx, ken, change directory '/photos' -> 'F:\SteadyByte\ken\photos' --> Access allowed.
07/08/26 09:39:09, 2, xxx, ken, 250 CWD command successful. "/photos" is current directory.
07/08/26 09:39:09, 2, xxx, ken, PWD
07/08/26 09:39:09, 2, xxx, ken, 257 "/photos" is current directory.
07/08/26 09:39:09, 2, xxx, ken, TYPE I
07/08/26 09:39:09, 2, xxx, ken, 200 Type set to I.
07/08/26 09:39:09, 2, xxx, ken, PASV
07/08/26 09:39:09, 2, xxx, ken, 227 Entering Passive Mode (xxx,135,206)
07/08/26 09:39:09, 2, xxx, ken, MLSD
07/08/26 09:39:39, 2, xxx, ken, 425 Cannot open data connection.
07/08/26 09:39:39, 2, xxx, ken, QUIT
07/08/26 09:39:39, 2, xxx, ken, 221 Goodbye.
07/08/26 09:39:39, 2, xxx, ken, disconnected. (00d00:00:31)

Passive transfers are working just fine, as I've been able to use other clients. My passive port range is the default, 1024-65535. I also moved it to an IP address on a non-firewalled NIC, so it shouldn't be an issue with the port not being open.
0

#5 User is offline   Nabla 

  • Confirmed Member
  • Group: Registered Users
  • Posts: 454
  • Joined: 31-August 05
  • Location:En France

Posted 29 August 2007 - 10:43 AM

Only the list format syntax is different between the 2 commands list and mlsd so if list works mlsd should as well, except if there is a problem with the client, try another one like Smartftp to check.
Errors are the best teachers.
0

#6 User is offline   ChrisB 

  • New Member
  • Pip
  • Group: Members
  • Posts: 6
  • Joined: 24-August 07

Posted 01 September 2007 - 10:51 AM

Ok, I've sorted out a lot of the problems that I had back then but now my ftp clients are now reporting:

CODE
[10:42:13] SmartFTP v2.5.1006.26
[10:42:13] Resolving host name "xxx"
[10:42:13] Connecting to xxx Port: 21
[10:42:13] Connected to xxx.
[10:42:14] 220 Gene6 FTP Server v3.9.0 (Build 2) ready...
[10:42:14] AUTH TLS
[10:42:14] 234 AUTH command ok; starting SSL connection.
[10:42:14] Connected. Exchanging encryption keys...
[10:42:14] Session Cipher: 128 bit RC4
[10:42:14] TLS encrypted session established.
[10:42:14] PBSZ 0
[10:42:14] 200 PBSZ=0
[10:42:14] USER xxx
[10:42:14] 331 Password required for xxx.
[10:42:14] PASS (hidden)
[10:42:14] 230 User xxx logged in.
[10:42:14] SYST
[10:42:14] 215 UNIX Type: L8
[10:42:14] Detected Server Type: UNIX
[10:42:14] FEAT
[10:42:14] 211-Extensions supported:
[10:42:14]  AUTH TLS
[10:42:14]  CCC
[10:42:14]  CLNT
[10:42:14]  CPSV
[10:42:14]  EPRT
[10:42:14]  EPSV
[10:42:14]  MDTM
[10:42:14]  MFCT
[10:42:14]  MFMT
[10:42:14]  MLST type*;size*;create;modify*;
[10:42:14]  MODE Z
[10:42:14]  PASV
[10:42:14]  PBSZ
[10:42:14]  PROT
[10:42:14]  REST STREAM
[10:42:14]  SIZE
[10:42:14]  SSCN
[10:42:14]  TVFS
[10:42:14]  UTF8
[10:42:14]  XCRC "filename" SP EP
[10:42:14]  XMD5 "filename" SP EP
[10:42:14]  XSHA1 "filename" SP EP
[10:42:14] 211 End.
[10:42:14] Detected Server Software: Gene6 FTP Server 3.x
[10:42:14] CLNT SmartFTP 2.5.1006
[10:42:15] 200 Noted.
[10:42:15] OPTS UTF8 ON
[10:42:15] 200 UTF8 OPTS ON
[10:42:15] PWD
[10:42:15] 257 "/" is current directory.
[10:42:15] TYPE A
[10:42:15] 200 Type set to A.
[10:42:15] MODE Z
[10:42:15] 200 Mode Z ok.
[10:42:15] PROT P
[10:42:15] 200 PROT command successful.
[10:42:15] PASV
[10:42:15] 227 Entering Passive Mode (192,168,0,2,195,112)
[10:42:15] Opening data connection to 192.168.0.2 Port: 50032
[10:42:15] MLSD
[10:42:36] A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
[10:42:45] 425 Cannot open data connection.
[10:42:45] Automatic failover of data connection mode from "Passive Mode (PASV)" to "Active Mode (PORT)".
[10:42:47] PORT 192,168,1,3,5,70
[10:42:47] 200 Port command successful.
[10:42:47] MLSD
[10:43:08] 425 Cannot open data connection.


FlashFXP is much the same log-wise. Port 21 and the range 50000-50100 are also open in our firewall.

Here is the Gene6 log as well

CODE
* About to connect() to xxx port 21
* Trying xxx... connected
* Connected to xxx (xxx) port 21
< 220 Gene6 FTP Server v3.9.0 (Build 2) ready...

> AUTH SSL
< 234 AUTH command ok; starting SSL connection.
* successfully set certificate verify locations:
* CAfile: d:\www-bin\curl\curl-ca-bundle.crt
CApath: none
* SSLv3, TLS handshake, Client hello (1):
SSLv3, TLS handshake, Server hello (2):
SSLv3, TLS handshake, CERT (11):
SSLv3, TLS handshake, Server finished (14):
SSLv3, TLS handshake, Client key exchange (16):
SSLv3, TLS change cipher, Client hello (1):
SSLv3, TLS handshake, Finished (20):
SSLv3, TLS change cipher, Client hello (1):
SSLv3, TLS handshake, Finished (20):
SSL connection using AES256-SHA
* Server certificate:
* subject: /L=Aberdeen/ST=Grampian/C=UK/CN=xxx/emailAddress=chris@ethicalmaintenance.org/O=Ethical Maintenance/OU=EM
* start date: 2007-08-24 09:38:25 GMT
* expire date: 2017-08-24 09:38:25 GMT
* common name: emaint.dyndns.org (matched)
* issuer: /L=Aberdeen/ST=Grampian/C=UK/CN=xxx/emailAddress=chris@ethicalmaintenance.org/O=Ethical Maintenance/OU=EM
* SSL certificate verify result: error number 1 (18), continuing anyway.

> USER xxx
< 331 Password required for xxx.

> PASS *****
< 230 User xxx logged in.

> PBSZ 0
< 200 PBSZ=0

> PROT P
< 200 PROT command successful.

> PWD
< 257 "/" is current directory.
* Entry path is '/'

> CLNT Testing from http://www.g6ftpserver.com/ftptest from IP 82.163.44.88
< 200 Noted.

> FEAT
< 211-Extensions supported:
< AUTH TLS
< CCC
< CLNT
< CPSV
< EPRT
< EPSV
< MDTM
< MFCT
< MFMT
< MLST type*;size*;create;modify*;
< MODE Z
< PASV
< PBSZ
< PROT
< REST STREAM
< SIZE
< SSCN
< TVFS
< UTF8
< XCRC "filename" SP EP
< XMD5 "filename" SP EP
< XSHA1 "filename" SP EP
< 211 End.

> PASV
* Connect data stream passively
< 227 Entering Passive Mode (192,168,0,2,195,135)
* Trying 192.168.0.2... Timed out
* couldn't connect to host
* Connection #0 to host xxx left intact

* Closing connection #0
* SSLv3, TLS alert, Client hello (1):

This post has been edited by ChrisB: 01 September 2007 - 10:53 AM

0

#7 User is offline   Nabla 

  • Confirmed Member
  • Group: Registered Users
  • Posts: 454
  • Joined: 31-August 05
  • Location:En France

Posted 01 September 2007 - 11:28 AM

Your passive ip is incorrect, it should be the public one, change it in the domain / ip binding
Errors are the best teachers.
0

#8 User is offline   ChrisB 

  • New Member
  • Pip
  • Group: Members
  • Posts: 6
  • Joined: 24-August 07

Posted 05 September 2007 - 11:36 AM

QUOTE (Nabla @ Sep 1 2007, 11:28 AM) <{POST_SNAPBACK}>
Your passive ip is incorrect, it should be the public one, change it in the domain / ip binding


I've changed "Redirect PASV IP" to "emaint.dyndns.org".

Should that be it?
0

#9 User is offline   Nabla 

  • Confirmed Member
  • Group: Registered Users
  • Posts: 454
  • Joined: 31-August 05
  • Location:En France

Posted 05 September 2007 - 11:46 AM

Do a new test on http://www.g6ftpserver.com/ftptest and that should tell you if it is ok.
Errors are the best teachers.
0

#10 User is offline   ChrisB 

  • New Member
  • Pip
  • Group: Members
  • Posts: 6
  • Joined: 24-August 07

Posted 05 September 2007 - 12:53 PM

QUOTE (Nabla @ Sep 5 2007, 11:46 AM) <{POST_SNAPBACK}>
Do a new test on http://www.g6ftpserver.com/ftptest and that should tell you if it is ok.


It's timing out now

CODE
> PASV
* Connect data stream passively
< 227 Entering Passive Mode (62,136,31,73,195,92)
* Trying 62.136.31.73... Timed out
* couldn't connect to host
* Connection #0 to host emaint.dyndns.org left intact


According to my router the requests are logged and are being allowed through. On the server side, the log reports "Cannot open data connection" and then "Connection closed, timed out".
0

#11 User is offline   Nabla 

  • Confirmed Member
  • Group: Registered Users
  • Posts: 454
  • Joined: 31-August 05
  • Location:En France

Posted 05 September 2007 - 02:24 PM

Everything looks like the connection can't reach the server, either it is blocked at router's level or if you have a software firewall check that it is also allowing the connection.
Errors are the best teachers.
0

#12 User is offline   june 

  • New Member
  • Pip
  • Group: Members
  • Posts: 3
  • Joined: 05-September 07

Posted 06 September 2007 - 08:40 AM

yeah, i agree !I like your singature"Errors are the best teachers".
0

#13 User is offline   ChrisB 

  • New Member
  • Pip
  • Group: Members
  • Posts: 6
  • Joined: 24-August 07

Posted 06 September 2007 - 04:11 PM

There is no local firewall on that machine and the router's security log shows that it is forwarding packets correctly.

Occasionally it is managing to list the directory contents. It seems to be entirely random.

This post has been edited by ChrisB: 06 September 2007 - 04:15 PM

0

#14 User is offline   Nabla 

  • Confirmed Member
  • Group: Registered Users
  • Posts: 454
  • Joined: 31-August 05
  • Location:En France

Posted 06 September 2007 - 05:10 PM

But you also set 50000-50100 in the server domain ip binding passive port range, right ?
Errors are the best teachers.
0

#15 User is offline   ChrisB 

  • New Member
  • Pip
  • Group: Members
  • Posts: 6
  • Joined: 24-August 07

Posted 11 September 2007 - 11:47 AM

QUOTE (Nabla @ Sep 6 2007, 05:10 PM) <{POST_SNAPBACK}>
But you also set 50000-50100 in the server domain ip binding passive port range, right ?


I have to entries under IP Binding, both are "*". In the Passive Port Range it is 50000 to 50100.
0

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users