ftp windoze <- fc3 works fine, ftp fc3 <- fc3 doesn't work? (for me)

[Paul Howarth]

Bob Brennan wrote:
>>>230 Anonymous login ok, restrictions apply.
>>>Remote system type is UNIX.
>>>Using binary mode to transfer files.
>>
>>If, at this point, you use the command "pass off", what happens?
> 
> 
> BINGO! all commands now work. I need to now research proFTP
> configuration, I believe there is a setting regarding PASSIVE MODE.
> Let's assume Windoze ftp program runs in passive mode by default(?)

On the contrary, you have turned OFF passive mode, and *that's* the 
default on Windows.

> Any security reasons to *not* set up the ftp server to default to
> passive mode, or to accept passive mode connections (whichever the
> config option is)? I suppse it's not a hardship to tell an FC3 ftp-er
> (s)he needs to set passive mode on connection, I can even put it in
> the Welcome message. (not that anyone ever reads it...). Setting
> "binary" seems to be a better mode then ASCII too, which seems to be a
> bad default.

I suspect that there is a problem with NAT at either the client or 
server end. A special ftp-aware address-conversion filter is needed in 
the firewall setup to make NAT with ftp work properly.

>>>ftp> ls
>>>227 Entering Passive Mode (xx,xxx,xxx,xx,xxx,xxx).
>>>ftp: connect: No route to host
>>
>>Is there a layer of network address translation going on between client
>>and server?
> 
> 
> The symptoms are the same using an identical FC3 machine on the same
> LAN, from machine 10.0.0.11 to machine 10.0.0.10

If you're actually using addresses 10.x.x.x, you could show the 
addresses in use in the ftp dialogs instead of "x"ing them out. If the 
address shown as "xxx"s in:

227 Entering Passive Mode (xx,xxx,xxx,xx,xxx,xxx)

does not look like a 10.x.x.x address then the server does not think 
it's talking to a machine at 10.x.x.x and hence sends the response to 
the wrong place.

Paul.