Ftp – Passive mode for FileZilla FTP isn’t working

Tags: ftp, nat, passive, windows-server-2008-r2

We have FileZilla Server 0.9.37 running on Windows Server 2008 R2.

Active mode works OK. The Windows firewall on the server is off.

Our router is a DrayTek Vigor 2820. Under NAT, Open Ports, I have opened the following ports for the server's local IP:

TCP 20-22, TCP 45100-65535

In FileZilla server, under passive mode settings (I can't post an image so…)

Use the following IP: 213.106.150.123
Don't use external IP from local connections: Checked
Use custom port range: 45100-65535

From a remote server in Germany which I RDP into I try connecting back to the FileZilla server.

Status: Connecting to 213.106.150.123:21...
Status: Connection established, waiting for welcome message...
Response:   220 --
Command:    USER ftp_001471
Response:   331 Password required for ftp_001471
Command:    PASS ********
Response:   230 Logged on
Status: Connected
Status: Retrieving directory listing...
Command:    CWD /
Response:   250 CWD successful. "/" is current directory.
Command:    TYPE I
Response:   200 Type set to I
Command:    PASV
Response:   227 Entering Passive Mode (213,106,150,123,238,133)
Command:    MLSD
Response:   425 Can't open data connection.
Error:  Failed to retrieve directory listing

The status window on FileZilla server reports the following

(not logged in) (87.106.131.22)> Connected, sending welcome message...
(not logged in) (87.106.131.22)> 220 --
(not logged in) (87.106.131.22)> USER ftp_001471
(not logged in) (87.106.131.22)> 331 Password required for ftp_001471
(not logged in) (87.106.131.22)> PASS ********
ftp_001471 (87.106.131.22)> 230 Logged on
ftp_001471 (87.106.131.22)> CWD /
ftp_001471 (87.106.131.22)> 250 CWD successful. "/" is current directory.
ftp_001471 (87.106.131.22)> TYPE I
ftp_001471 (87.106.131.22)> 200 Type set to I
ftp_001471 (87.106.131.22)> PASV
ftp_001471 (87.106.131.22)> 227 Entering Passive Mode (213,106,150,123,195,197)
ftp_001471 (87.106.131.22)> MLSD
ftp_001471 (87.106.131.22)> 425 Can't open data connection.

If I change the FileZilla passive mode setting from our external IP to Default, I get the following details from the client in Germany trying to connect.

Status: Connecting to 213.106.150.123:21...
Status: Connection established, waiting for welcome message...
Response:   220 --
Command:    USER ftp_001471
Response:   331 Password required for ftp_001471
Command:    PASS ********
Response:   230 Logged on
Status: Connected
Status: Retrieving directory listing...
Command:    CWD /
Response:   250 CWD successful. "/" is current directory.
Command:    TYPE I
Response:   200 Type set to I
Command:    PASV
Response:   227 Entering Passive Mode (213,106,150,123,196,198)
Command:    MLSD
Response:   425 Can't open data connection.
Error:  Failed to retrieve directory listing

And the details on the server.

(not logged in) (87.106.131.22)> Connected, sending welcome message...
(not logged in) (87.106.131.22)> 220 --
(not logged in) (87.106.131.22)> USER ftp_001471
(not logged in) (87.106.131.22)> 331 Password required for ftp_001471
(not logged in) (87.106.131.22)> PASS ********
ftp_001471 (87.106.131.22)> 230 Logged on
ftp_001471 (87.106.131.22)> CWD /
ftp_001471 (87.106.131.22)> 250 CWD successful. "/" is current directory.
ftp_001471 (87.106.131.22)> TYPE I
ftp_001471 (87.106.131.22)> 200 Type set to I
ftp_001471 (87.106.131.22)> PASV
ftp_001471 (87.106.131.22)> 227 Entering Passive Mode (192,168,1,4,195,198)
ftp_001471 (87.106.131.22)> MLSD
ftp_001471 (87.106.131.22)> 425 Can't open data connection.

What am I doing wrong?

When I specify the external IP, the client and server report the same, but the ports get screwed up, and when I run with default, the server uses its internal IP but the port assignment looks better.

Edit: more testing and it's working.

So I installed the FTP server in IIS 7.5, disabled FileZilla and it worked! I then tried re-enabling FileZilla and that too worked! This was all from my home ADSL connection.

I then tried again from our remote server in Germany and it failed, hangs on the directory listing in passive mode for both IIS FTP and FileZilla.

I guess there is something up with the firewall / router at the data centre in Germany. I don't really want to mess with the remote server's router (I'm not even sure I can alter firewall rules as it's hosted). I'm worried about corporate customers suffering the same fate when trying to access our FTP sites.

Best Answer

I suggest you try it locally on the server using Windows' FTP or another installed client. This way you will see if it's a network/firewall issue or an issue with the configuration of the FTP server. Also check FileZilla server's log files if the commands.

If it depends on the firewall, here is a TechNet article that could help: How to Configure Windows Firewall for a Passive Mode FTP Server. But you wrote that the Windows firewall is off, so I suppose it is a problem of the external firewall/router (also check the client side).
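
The 227 replies quoted in the question can be decoded and compared side by side. The following is an added example, not part of the original question or answer; it assumes each client log and the server log shown after it come from the same session, and the function names are made up for illustration.

```python
import ipaddress
import re

# 227 reply body: four address octets, then the port encoded as p1*256 + p2.
PASV_RE = re.compile(r"227 .*?\(" + ",".join([r"(\d{1,3})"] * 6) + r"\)")

PORT_RANGE = (45100, 65535)  # custom passive range from the question
# Log lines copied from the question; pairing them per run is an assumption.
RUNS = {
    "external IP configured": (
        "ftp_001471 (87.106.131.22)> 227 Entering Passive Mode (213,106,150,123,195,197)",
        "Response:   227 Entering Passive Mode (213,106,150,123,238,133)"),
    "default setting": (
        "ftp_001471 (87.106.131.22)> 227 Entering Passive Mode (192,168,1,4,195,198)",
        "Response:   227 Entering Passive Mode (213,106,150,123,196,198)"),
}


def parse_pasv(line):
    """Return (IPv4Address, port) from a line containing a 227 reply."""
    m = PASV_RE.search(line)
    if not m:
        raise ValueError("no 227 reply in %r" % line)
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("field out of range in %r" % line)
    return ipaddress.IPv4Address(".".join(map(str, nums[:4]))), nums[4] * 256 + nums[5]


def compare(server_line, client_line, port_range=PORT_RANGE):
    """List differences between the reply the server sent and the one the client saw."""
    (s_ip, s_port), (c_ip, c_port) = parse_pasv(server_line), parse_pasv(client_line)
    lo, hi = port_range
    findings = []
    if s_ip.is_private:
        findings.append("server advertised private address %s" % s_ip)
    if not lo <= s_port <= hi:
        findings.append("server port %d outside configured range" % s_port)
    if (s_ip, s_port) != (c_ip, c_port):
        findings.append("rewritten in transit: %s:%d -> %s:%d" % (s_ip, s_port, c_ip, c_port))
    return findings


def check_runs():
    return {name: compare(srv, cli) for name, (srv, cli) in RUNS.items()}


if __name__ == "__main__":
    for name, findings in check_runs().items():
        print(name, findings)
```

A "rewritten in transit" finding means a device between the two hosts changed the control-channel reply (an FTP-aware NAT helper is the usual cause); these logs alone do not show which device did it.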