Our Products:   CompleteFTP  edtFTPnet/Free  edtFTPnet/PRO  edtFTPj/Free  edtFTPj/PRO
0 votes
19 views
asked in FAQ: CompleteFTP by (152k points)

Our CompleteFTP server is not giving a directory listing to authenticated clients. We have checked the Windows permissions and they are OK. What could be causing this?

Command: PASV
Response: 227 Entering Passive Mode (34,236,167,231,39,16).
Command: LIST
Response: 150 Opening BINARY mode data connection for listing
Error: Connection timed out after 20 seconds of inactivity
Error: Failed to retrieve directory listing
Status: Disconnected from server

1 Answer

0 votes
answered by (152k points)
 
Best answer

This is almost certainly a firewall problem. In FTP and FTPS, commands are sent on one network socket connection (always the standard port 21), and listings and transfers are sent on a separate connection on a different port (varies). 

Firewalls are designed to prevent connections on random port numbers. For FTP, they actually read the commands sent over port 21 and dynamically open the requested data port for a given transfer (which is sent by the server). For FTPS, commands are encrypted and so firewalls cannot open ports dynamically. So listings and transfers hang because the port sent to the client is not opened. 

The solution is to configure the firewall with a set range of ports that permit inbound connections. CompleteFTP must also be configured for the same range of ports. 

More details can be found in the User Guide, here

...