Topic "bad ftpS connection: certificate A B ??"

Author Message
giurti
[View user's profile]

Joined: 2012-10-11
Posts: 1
Hello,
I can establish ftpS connection to my home NAS from my laptop on same LAN (same router),
but I can NOT establish ftpS connection to home NAS from my work PC.
Difference between 2 cases is that in the second case exists NAT, port forwarding and firewall.
I believe that I have properly configured the network (I have open and forwarding the 21 port); the ftp connection is OK.

My suspicion is handshake of certificates.
I report below the WinSCP connection logs for both cases.
The log difference is the sentence "server certificate A" and "server certificate B": what mins A and B certificate?
Who help me?
By

1) This is the WinCSP log of OK connection from my home laptop (same LAN and router):

. 2012-10-10 20.34.18.676 --------------------------------------------------------------------------
. 2012-10-10 20.34.18.676 WinSCP Version 5.1.0 (Build 2625) (OS 5.1.2600 Service Pack 3)
. 2012-10-10 20.34.18.676 Configuration: HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\
. 2012-10-10 20.34.18.676 Local account: UNKNOW\Giuseppe
. 2012-10-10 20.34.18.676 Working directory: C:\Programmi\WinSCP
. 2012-10-10 20.34.18.676 Command-line: "C:\Programmi\WinSCP\WinSCP.exe"
. 2012-10-10 20.34.18.676 Login time: mercoled 10 ottobre 2012 20.34.18
. 2012-10-10 20.34.18.676 --------------------------------------------------------------------------
. 2012-10-10 20.34.18.676 Session name: ??????????????????????? (Stored session)
. 2012-10-10 20.34.18.676 Host name: 192.168.1.250 (Port: 21)
. 2012-10-10 20.34.18.676 User name: admin (Password: No, Key file: No)
. 2012-10-10 20.34.18.676 Tunnel: No
. 2012-10-10 20.34.18.676 Transfer Protocol: FTP
. 2012-10-10 20.34.18.676 Ping type: C, Ping interval: 30 sec; Timeout: 15 sec
. 2012-10-10 20.34.18.676 Proxy: none
. 2012-10-10 20.34.18.676 FTP: FTPS: Explicit SSL; Passive: Yes [Force IP: A]
. 2012-10-10 20.34.18.676 Local directory: default, Remote directory: home, Update: Yes, Cache: Yes
. 2012-10-10 20.34.18.676 Cache directory changes: Yes, Permanent: Yes
. 2012-10-10 20.34.18.676 DST mode: 1
. 2012-10-10 20.34.18.676 --------------------------------------------------------------------------
. 2012-10-10 20.34.18.686 Session upkeep
. 2012-10-10 20.34.18.766 Connecting to 192.168.1.250 ...
. 2012-10-10 20.34.18.766 m_pSslLayer changed state from 0 to 1
. 2012-10-10 20.34.18.766 m_pSslLayer changed state from 1 to 2
. 2012-10-10 20.34.18.766 m_pSslLayer changed state from 2 to 4
. 2012-10-10 20.34.18.806 Connected with 192.168.1.250, negotiating SSL connection...
< 2012-10-10 20.34.18.806 220 NASFTPD Turbo station 1.3.2e Server (ProFTPD) [192.168.1.250]
> 2012-10-10 20.34.18.806 AUTH SSL
< 2012-10-10 20.34.18.806 234 AUTH SSL successful
. 2012-10-10 20.34.19.297 SSL_connect: SSLv3 read server hello A
. 2012-10-10 20.34.19.297 SSL_connect: SSLv3 read server certificate A
. 2012-10-10 20.34.19.297 SSL_connect: SSLv3 read server key exchange A
. 2012-10-10 20.34.19.297 SSL_connect: SSLv3 read server done A
. 2012-10-10 20.34.19.297 SSL_connect: SSLv3 write client key exchange A
. 2012-10-10 20.34.19.297 SSL_connect: SSLv3 write change cipher spec A
. 2012-10-10 20.34.19.297 SSL_connect: SSLv3 write finished A
. 2012-10-10 20.34.19.297 SSL_connect: SSLv3 flush data
. 2012-10-10 20.34.19.397 SSL_connect: SSLv3 read finished A
. 2012-10-10 20.34.19.397 Using TLSv1, cipher TLSv1/SSLv3: DHE-RSA-AES256-SHA, 2048 bit RSA
. 2012-10-10 20.34.19.437 SSL connection established. Waiting for welcome message...
> 2012-10-10 20.34.19.437 USER admin
< 2012-10-10 20.34.19.457 331 Password required for admin
........etc., etc........

2) This is the WinCSP log of bad connection from my work PC (whit NAT e firewall)(I mask whit ??? ip address and account info):

. 2012-10-10 09.16.12.378 --------------------------------------------------------------------------
. 2012-10-10 09.16.12.379 WinSCP Version 5.1.0 (Build 2625) (OS 6.0.6000)
. 2012-10-10 09.16.12.379 Configuration: HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\
. 2012-10-10 09.16.12.379 Local account: ??????????????????????????????????????????
. 2012-10-10 09.16.12.379 Working directory: C:\Program Files\WinSCP
. 2012-10-10 09.16.12.379 Command-line: "C:\Program Files\WinSCP\WinSCP.exe"
. 2012-10-10 09.16.12.379 Login time: mercoled 10 ottobre 2012 9.16.12
. 2012-10-10 09.16.12.379 --------------------------------------------------------------------------
. 2012-10-10 09.16.12.379 Session name: ????????????????????? con ssl (Stored session)
. 2012-10-10 09.16.12.379 Host name: 2.231.???.??? (Port: 21)
. 2012-10-10 09.16.12.379 User name: ?????(Password: No, Key file: No)
. 2012-10-10 09.16.12.379 Tunnel: No
. 2012-10-10 09.16.12.379 Transfer Protocol: FTP
. 2012-10-10 09.16.12.379 Ping type: C, Ping interval: 30 sec; Timeout: 15 sec
. 2012-10-10 09.16.12.379 Proxy: none
. 2012-10-10 09.16.12.379 FTP: FTPS: Explicit SSL; Passive: Yes [Force IP: A]
. 2012-10-10 09.16.12.379 Local directory: C:\Users\Documents, Remote directory: /Backup, Update: Yes, Cache: Yes
. 2012-10-10 09.16.12.379 Cache directory changes: Yes, Permanent: Yes
. 2012-10-10 09.16.12.379 DST mode: 1
. 2012-10-10 09.16.12.379 --------------------------------------------------------------------------
. 2012-10-10 09.16.12.380 Session upkeep
. 2012-10-10 09.16.12.423 Connecting to 2.231.???.??? ...
. 2012-10-10 09.16.12.423 m_pSslLayer changed state from 0 to 1
. 2012-10-10 09.16.12.423 m_pSslLayer changed state from 1 to 2
. 2012-10-10 09.16.12.423 m_pSslLayer changed state from 2 to 4
. 2012-10-10 09.16.12.477 Connected with 2.231.???.???, negotiating SSL connection...
< 2012-10-10 09.16.12.477 220 NASFTPD Turbo station 1.3.2e Server (ProFTPD) [192.168.1.250]
> 2012-10-10 09.16.12.477 AUTH SSL
< 2012-10-10 09.16.12.483 234 AUTH SSL successful
. 2012-10-10 09.16.12.756 SSL_connect: SSLv3 read server hello A
. 2012-10-10 09.16.12.756 SSL3 alert write: fatal: bad certificate
. 2012-10-10 09.16.12.756 SSL_connect: error in SSLv3 read server certificate B
. 2012-10-10 09.16.12.756 Can't establish SSL connection
. 2012-10-10 09.16.12.756 SSL_connect: error in SSLv3 read server certificate B
. 2012-10-10 09.16.12.756 Disconnected from server
. 2012-10-10 09.16.12.756 Connection failed.
. 2012-10-10 09.16.12.756 Got reply 1004 to the command 1
* 2012-10-10 09.16.12.793 (EFatal) Connection failed.
* 2012-10-10 09.16.12.793 SSL3 alert write: fatal: bad certificate
* 2012-10-10 09.16.12.793 SSL_connect: error in SSLv3 read server certificate B
* 2012-10-10 09.16.12.793 Can't establish SSL connection
* 2012-10-10 09.16.12.793 SSL_connect: error in SSLv3 read server certificate B
* 2012-10-10 09.16.12.793 Disconnected from server
* 2012-10-10 09.16.12.793 Connection failed.
* 2012-10-10 09.16.12.793 AUTH SSL successful
Advertisements

You can post new topics in this forum






Search Site

What is WinSCP?

It is award-winning SFTP client, SCP client, FTPS client and FTP client integrated into one software program for file transfer to FTP server or secure SFTP server. [More]

And it's free!

Donate

About donations

$9   $19   $49   $99

About donations

Recommend

WinSCP Privacy Policy

WinSCP License