Windows Server 2003 R2 - FTP issue

gosh1976

We have a client with two small offices with a VPN in between. They have just one server that is the Domain Controller. There is some software also running that needs to be updated via an ftp site. It's probably not the best setup to have it running on the DC but that don't want to buy another server and we inherited the setup. There is a sonicwall but that doesn't appear to be an issue since we can access ftp sites from other computers. Windows firewall is currently turned off. Any ideas on why I can not reach an ftp site from the server? I have tried from multiple browsers and ftp clients.

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

RobertKaucher

1. Check error logs on the server.
2. Use WireShark on both the server and the client. Look and see what is happening to the connection.

If you find it hard to read the capture files from WireShark I'd be more than willing to assist.

sina2011

hey

umm I know this isnt exactley what your looking for but I had the same issue i was running FileZilla and all I did to resolve it was by adding the filezilla extension .exe in windows firewall exceptions.

I know its not the exact same issue but its just a similar issue I went through maybe it can give you an idea or something close.

gosh1976

When I use wireshark to capture packets I do see ftp packets but only going over the VPN to private addresses. I see no packets going to the public ftp server. Those packets are related to the software that I'm trying to update and they appear to be transferring successfully.

I don't know why I never see a packet with the destination I'm trying to go to. I Know DNS is resolving.

undomiel

Is the ftp session being initiated from within the software or something that you are doing separately? Maybe you should try dropping down to a command prompt and seeing if you can connect to the ftp site via ftp and/or telnet. Are you saying that you can't reach this particular ftp site or that you can't reach any ftp sites? Is there any blocking LAN->WAN going on in the sonicwall?

gosh1976

undomiel wrote: »

Is the ftp session being initiated from within the software or something that you are doing separately? Maybe you should try dropping down to a command prompt and seeing if you can connect to the ftp site via ftp and/or telnet. Are you saying that you can't reach this particular ftp site or that you can't reach any ftp sites? Is there any blocking LAN->WAN going on in the sonicwall?

It is something that I am doing separately. The connection times out whether I'm using CuteFTP, firefox, IE, Filezilla, or from the command prompt. I don't think there is an issue with the blocking on the sonicwall as I've looked at the settings and I can also ftp to a public ftp server from another computer on the same network & domain. I've tried to connect to other ftp sites and I get the same results.

RobertKaucher

So regardless of what you use you are unable to access a single, public FTP server while on the same system you are able to access other public FTP servers?

gosh1976

RobertKaucher wrote: »

So regardless of what you use you are unable to access a single, public FTP server while on the same system you are able to access other public FTP servers?

No I can access no public ftp servers from this machine - which happens to be the domain controller. This is true regardless of whether using browser, cuteFTP, command line, etc.. There are ftp packets being captured but they are either local or going over the VPN. These packets appear to be generated by the software I am trying to update.

However, if I go to another PC on the domain and behind the same sonicwall I can connect to any public ftp site.

undomiel

Are you able to send http requests out from the server? Only ftp doesn't work? It is using the same gateway as the other systems, correct? No firewall turned on local to the system that could be restricting traffic? Any content filter in place?

gosh1976

undomiel wrote: »

Are you able to send http requests out from the server? Only ftp doesn't work? It is using the same gateway as the other systems, correct? No firewall turned on local to the system that could be restricting traffic? Any content filter in place?

no trouble with http requests. It is using the same gateway as the other systems. Windows firewall would be the only thing local that would be restricting traffic and it is turned off. Nothing else is installed that would be restricting traffic that i know of or see.

RobertKaucher

Are you sure there is not a rule blocking FTP by the server's IP on the sonicwall?

gosh1976

RobertKaucher wrote: »

Are you sure there is not a rule blocking FTP by the server's IP on the sonicwall?

I checked again just to make sure and the only rule there is allowing ftp for any source and any destination and it makes no difference whether I delete the rule or put it back.

undomiel

Try looking at your NAT policies then, maybe even create an explicit NAT policy for connections from the DC to see if it makes a difference.

gosh1976

undomiel wrote: »

Try looking at your NAT policies then, maybe even create an explicit NAT policy for connections from the DC to see if it makes a difference.

I may try looking at the sonicwall some more this weekend. Right now I'm going on the assumption that it's the local machine causing the problem since wireshark never captures any ftp packets with a public ip destination leaving that machine.

apr911

I would try connecting from the DC to an FTP server on the local network (same segment in same location, not over the VPN) and see what happens.

From the sounds of things something is blocking the DC on FTP and it's most likely the firewall. If you cant connect to an FTP server on the same network then maybe its a host side issue.

As long as the traffic stays on the same network (and is thus never sent to the gateway which I am assuming is your firewall) it should stay on layer 2 and the switches should relay the traffic which will eliminate the possibility of any rules on the firewall.

RobertKaucher

Don't forget you should be able to do a capture on the SonicWALL as well. If I were experiencing this the first thing I would do would be try to connect and run a capture on the client and the SonicWALL at the same time to see what is going on.

undomiel

If worst comes to worst, how about setting up a proxy as a work around on one of the other machines?

gosh1976

I haven't had time to work on this after hours. I think I will just use a web based ftp client like net2ftp as a work around.

gosh1976

Well, I had put this on the back burner for a while because it wasn't that important. However, now I really need to get a certain application updated and the update is done from within their app. So, the internet ftp like net2ftp.com will not work for this. I was able to get a browser to connect to ftp after setting up another machine as a proxy but I never could get an ftp client to work through the proxy. I'm pretty sure I had the ports and settings correct but I'm not sure if it was due to the proxy servers I was using or a part of the original issue. I've tried it booted into safemode and I've turned off the vpn still no luck. I also installed an ftp server on one of the other local machines and could not connect.

I'm running out of ideas!