Your best friend for file transfer.

Fetch application logoFetch

Help! Fetch hangs when connecting behind firewall (4 posts)

This is an archived topic. The information in it is likely to be out-of-date and no longer applicable to current versions of Fetch.
  • Started 11 years ago by mindy2
  • Latest reply 11 years ago from Jim Matthews
  • mindy2 Member

    I'm using Fetch 4.03 with Mac OS 10.2 behind a Symantec Gateway/Firewall 200 that only allows ACTIVE FTP connections.

    I've uncheckd the "Use passive transfer mode" in both fetch and the Network settings. However, I'm continuing to experience the same problems.

    I can connect fine to an internal FTP server, but I can't make any connections to outside FTP servers.

    Here's a sample Fetch Transcript:
    Fetch 4.0.3 System 0x1024 Serial FETCHFL001-ABVN-C04A TR
    Connecting to ftp.urbaninsight.com port 21 (2/24/03 9:35:35 PM)
    220 ProFTPD 1.2.4 Server (ProFTPD) [ireland.urbaninsight.com]
    USER user1234
    331 Password required for user1234.
    PASS
    230 User user1234 logged in.
    SYST
    215 UNIX Type: L8
    PWD
    257 "/" is current directory.
    MACB ENABLE
    500 MACB not understood.
    PWD
    257 "/" is current directory.
    CWD /httpdocs
    250 CWD command successful.
    PWD
    257 "/httpdocs" is current directory.
    PORT 192,168,0,58,191,217
    421 No Transfer Timeout (300 seconds): closing control connection.
    ftp_list: -30001 (state == GETTING_LIST)
    QUIT
    send_cmd():con_conn->Putline() returns -3155

    Posted 11 years ago #

  • Jim Matthews Administrator

    That's an unusual firewall setup; most only allow passive connections. With passive FTP all the connections go from the client to the server, and most firewall administrators find that less threatening than having connections coming back into the network from outside. Have you tried connecting with PASV turned on?

    Thanks,

    Jim Matthews
    Fetch Softworks

    Posted 11 years ago #

  • mindy2 Member

    Thanks, Jim. Yes -- I have tried making a passive connection, and this also fails.

    The connection getts to:
    257 "/httpdocs" is current directory.
    PASV
    227 Entering Passive Mode (207,151,39,129,151,65).
    LIST

    and just hangs here until it times out.

    The Symantec Firewall is a pretty standard piece of equipment. Their docs say that they require active connections:

    "Using passive FTP with a virtual server
    Issue: Using passive FTP with a virtual server is not currently supported.
    Workaround: Use active FTP."
    Source:
    http://service1.symantec.com/SUPPORT/ent-gate.nsf/fd201a1c8a788e3f88256bc1005cd7d3/442793c4a14228c385256c1c00727e2f?OpenDocument&prev=http://search.symantec.com/custom/us/techsupp/ enterprise/kb/query.html?*col=kb%20us*st=1*nh=10*pcode=*qp=url:/ent-gate.nsf/fd201a1c8a788e3f88256bc1005cd7d3*qt=%2Bftp*miniver=sym_fw_vpn_appliance_200*sone=sym_fw_vpn_appliance_2 00_tasks.html*stg=*prod=Symantec%20Firewall/VPN%20Appliance*ver=200*base=http://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_200/*next=*b oolean=and&sone=sym_fw_vpn_appliance_200_tasks.html&stg=&prod=Symantec%20Firewall/VPN%20Appliance&ver=200&base=http://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appli ance/sym_fw_vpn_appliance_200/&next=&src=ent&pcode=&dtype=corp&svy=

    Do you have any other suggestions? I'd sure like to be able to use my new Fetch software.

    Thanks,

    Posted 11 years ago #

  • Jim Matthews Administrator

    The Symantec FAQ for that product states "When you set up various applications, they may not function through the firewall unless you open ports for them. Virtual Servers and Custom Virtual Servers are for connections that initiate from outside your network; Special Applications are connections that initiate from inside your network." You aren't trying to access an FTP server inside your firewall from outside it, so I don't think the restriction on using passive mode with Virtual Servers applies to your situation.

    You may need to configure the firewall to allow all outbound TCP connections, and then use Fetch with passive mode enabled. Most firewalls come configured that way by default. Do any other FTP programs work through this firewall? For example, what happens when you enter:

    ftp://ftp.fetchsoftworks.com/

    in your web browser? Is your web browser configured to use a proxy server?

    Thanks,

    Jim Matthews
    Fetch Softworks

    Posted 11 years ago #

Topic closed

This topic has been closed.