Our Products:   CompleteFTP  edtFTPnet/Free  edtFTPnet/PRO  edtFTPj/Free  edtFTPj/PRO
0 votes
130 views
in FAQ: CompleteFTP by (153k points)

Our CompleteFTP server is not giving a directory listing to authenticated clients. We have checked the Windows permissions and they are OK. What could be causing this?

Command: PASV
Response: 227 Entering Passive Mode (34,236,167,231,39,16).
Command: LIST
Response: 150 Opening BINARY mode data connection for listing
Error: Connection timed out after 20 seconds of inactivity
Error: Failed to retrieve directory listing
Status: Disconnected from server

1 Answer

0 votes
by (153k points)
 
Best answer

This is almost certainly a firewall problem. In FTP and FTPS, commands are sent on one network socket connection (always the standard port 21), and listings and transfers are sent on a separate connection on a different port (varies). 

Firewalls are designed to prevent connections on random port numbers. For FTP, they actually read the commands sent over port 21 and dynamically open the requested data port for a given transfer (which is sent by the server). For FTPS, commands are encrypted and so firewalls cannot open ports dynamically. So listings and transfers hang because the port sent to the client is not opened. 

The solution is to configure the firewall with a set range of ports that permit inbound connections. CompleteFTP must also be configured for the same range of ports. 

More details can be found in the User Guide, here

...