FTP only works when there's a VPN connection

Discussion in 'OT Technology' started by AbortionSurvivor, Jul 19, 2006.

  1. AbortionSurvivor

    AbortionSurvivor Active Member

    Joined:
    Jun 5, 2002
    Messages:
    3,016
    Likes Received:
    0
    Location:
    Nor. Cal
    I setup a FTP server for my uncle. He's using a netgear Wireless FIREWALL router at his home. Port forwarding works and I can login into the FTP server from any location.

    The problem is when I actually try and download a file. The server times me out and nothing transfers.

    There's the hitch.
    When i connect to my work's VPN connection, I am able to download files from my uncle's FTP server. My work's VPN and my uncle have nothing in common and are two separate networks.

    any ideas on why this is happening?
     
  2. 7960

    7960 New Member

    Joined:
    Oct 17, 2004
    Messages:
    60,415
    Likes Received:
    0
    Location:
    New England
    my only FTP advice...... make sure you have it set to "use passive mode"

    other than that you're on your own.
     
  3. deusexaethera

    deusexaethera OT Supporter

    Joined:
    Jan 27, 2005
    Messages:
    19,712
    Likes Received:
    0
    Connecting to the VPN bypasses the router's firewall. Make sure the router's port #21 is open to the outside world, and set all of your computers to use Passive FTP. You'll find that setting in Internet Explorer.
     
  4. 5Gen_Prelude

    5Gen_Prelude There might not be an "I" in the word "Team", but

    Joined:
    Mar 14, 2000
    Messages:
    14,519
    Likes Received:
    1
    Location:
    Vancouver, BC, CANADA
    You're probably behind a firewall/router as well. If you hook yourself directly to the internet, I bet it would work (not saying this is a recommendation but it's a good test)
     
  5. AbortionSurvivor

    AbortionSurvivor Active Member

    Joined:
    Jun 5, 2002
    Messages:
    3,016
    Likes Received:
    0
    Location:
    Nor. Cal
    Thanks guys.

    To add something, i also noticed that I cannot RDP into the system unless i'm in my work's VPN.
    I'm thinking it's a security setting on the server and not the router?
    I'll check both.

    Ciffs:
    1. Can connect to FTP, but cannot download files. -Can download files only after connecting to a separate VPN connection.
    2. RDP does not work unless connecting to a separate VPN connection.
     
  6. AbortionSurvivor

    AbortionSurvivor Active Member

    Joined:
    Jun 5, 2002
    Messages:
    3,016
    Likes Received:
    0
    Location:
    Nor. Cal

    I tried from my home computer and the one i use at work. No luck with either one.
     
  7. deusexaethera

    deusexaethera OT Supporter

    Joined:
    Jan 27, 2005
    Messages:
    19,712
    Likes Received:
    0
    You need to check the settings on your grandfather's router. Log into the VPN so you can access the router's settings, and make sure the ports used by FTP, HTTP, RDP, etc are open to the outside; in fact, if all the computers connected to the router are using Windows XP, you could even shut the router's firewall off entirely.

    Something regarding Network Address Translation settings is digging at the back of my mind, but I don't know enough about how it works to be helpful. Maybe someone else can chime in.
     
  8. AbortionSurvivor

    AbortionSurvivor Active Member

    Joined:
    Jun 5, 2002
    Messages:
    3,016
    Likes Received:
    0
    Location:
    Nor. Cal

    when you say 'open', do you just mean Port Forwarding? or is there something else?
     
  9. Schproda

    Schproda New Member

    Joined:
    Jul 9, 2006
    Messages:
    442
    Likes Received:
    0
    Location:
    Memphis, TN
    You shouldn't have to use VPN for FTP. Port 21 should be open regardless of whether you're using RDP or VPN. You shouldn't have to do port forwarding unless you have a static IP on the outside or DNS name and have that external IP routing to an internal static IP. Go to www.grc.com and click on Shields Up and follow the prompts to scan the system for open ports. That should start you in the right direction.

    Open 3389 for RDP and make sure whatever PC will accept incoming connections. You can also share files with that.
     
  10. deusexaethera

    deusexaethera OT Supporter

    Joined:
    Jan 27, 2005
    Messages:
    19,712
    Likes Received:
    0
    What I mean is, you need to make sure the router is allowing all traffic on port 21 to pass through, regardless of where it's going or where it's coming from.
     
  11. Schproda

    Schproda New Member

    Joined:
    Jul 9, 2006
    Messages:
    442
    Likes Received:
    0
    Location:
    Memphis, TN
    Port 21 is almost never closed unless someone goes in and does it. See if you can FTP out from any PC. If you can it's open.
     
  12. R-Type

    R-Type The Bydo Empire must die!

    Joined:
    Aug 2, 2002
    Messages:
    1,049
    Likes Received:
    0
    Location:
    CT
    If you can get into and xfer (both ways) files from his machine while logged in to your company VPN but not directly from your connection, then it's not his router's NAT software/configuration that's at fault. It's yours. The VPN client tunnels all ip traffic right through your router's NAT via encapsulation, bypassing any protocol handling your router has for ftp.* Try setting the ftp server to default to PASV mode and see if your problem goes away. If you can't do that, switch to an ftpd that can, or set your client to default to PASV.


    *I assume here that in both cases (with and without being connected to the VPN), you're using the same ftp client configured the same way on the same machine.

    *EDIT*
    If you want the full story, read rfc-1579
    http://www.wu-ftpd.org/rfc/rfc1579.html
     

Share This Page