Topic "FTPS: Implicit SSL/TLS client side port number"

Author Message
flekana

Guest


Trying to connect to the server using FTPS: Implicit SSL/TLS.
I have two clients, on two different machines, one out in the open, other behind a firewall.
As one might suspect, the one behind the firewall does not connect properly. I get error "Could not retrieve directory listing".
I know that the server requires port 9922, so I made that request to IT (on the client side) and they opened it (apparently).
Is there another port, client specific, on the client side that I need to request?
Everything that I read about passive FTP, it sounds like the client will assign a port of incoming connection, but I'm not sure which one.
I'm trying to avoid going to IT asking for unknown port to be open or some "general type request" as they will not appreciate it (I would not either).


Thanks to all


Here is the log:

. 2014-07-14 10:17:33.466 --------------------------------------------------------------------------
. 2014-07-14 10:17:33.498 WinSCP Version 4.3.2 (Build 1201) (OS 5.1.2600 Service Pack 3)
. 2014-07-14 10:17:33.498 Login time: Monday, July 14, 2014 10:17:33 AM
. 2014-07-14 10:17:33.498 --------------------------------------------------------------------------
. 2014-07-14 10:17:33.498 Session name: xxxxx@xxxXXXXXXXXXXXXXXXXX.com
. 2014-07-14 10:17:33.498 Host name: XXXXXXXXXXXXXXXXX.com (Port: 9922)
. 2014-07-14 10:17:33.498 User name: xxxxxxxxx (Password: Yes, Key file: No)
. 2014-07-14 10:17:33.498 Tunnel: No
. 2014-07-14 10:17:33.498 Transfer Protocol: FTP
. 2014-07-14 10:17:33.498 Ping type: C, Ping interval: 30 sec; Timeout: 15 sec
. 2014-07-14 10:17:33.498 Proxy: none
. 2014-07-14 10:17:33.498 FTP: FTPS: Implicit SSL/TLS; Passive: Yes [Force IP: No]
. 2014-07-14 10:17:33.498 Local directory: default, Remote directory: home, Update: No, Cache: Yes
. 2014-07-14 10:17:33.498 Cache directory changes: Yes, Permanent: Yes
. 2014-07-14 10:17:33.498 DST mode: 1
. 2014-07-14 10:17:33.498 --------------------------------------------------------------------------
. 2014-07-14 10:17:33.654 Connecting to XXXXXXXXXXXXXXXXX.com:9922 ...
. 2014-07-14 10:17:33.716 Connected with XXXXXXXXXXXXXXXXX.com:9922, negotiating SSL connection...
. 2014-07-14 10:17:34.873 SSL connection established. Waiting for welcome message...
< 2014-07-14 10:17:34.873 220-XXXXXXXXXXXXXXXXX Corp.
< 2014-07-14 10:17:34.873 220-For technical support please contact helpdesk@XXXXXXXXXXXXXXXXX.com
< 2014-07-14 10:17:34.873 220 Thank You
> 2014-07-14 10:17:34.873 USER XXXXXXXXX
< 2014-07-14 10:17:34.935 331 Password required for XXXXXXXXX
> 2014-07-14 10:17:34.935 PASS ********
< 2014-07-14 10:17:34.998 230 Logged on
> 2014-07-14 10:17:34.998 SYST
< 2014-07-14 10:17:35.060 215 UNIX emulated by FileZilla
> 2014-07-14 10:17:35.060 FEAT
< 2014-07-14 10:17:35.123 211-Features:
< 2014-07-14 10:17:35.123 MDTM
< 2014-07-14 10:17:35.123 REST STREAM
< 2014-07-14 10:17:35.123 SIZE
< 2014-07-14 10:17:35.123 MLST type*;size*;modify*;
< 2014-07-14 10:17:35.123 MLSD
< 2014-07-14 10:17:35.123 AUTH SSL
< 2014-07-14 10:17:35.123 AUTH TLS
< 2014-07-14 10:17:35.123 PROT
< 2014-07-14 10:17:35.123 PBSZ
< 2014-07-14 10:17:35.123 UTF8
< 2014-07-14 10:17:35.123 CLNT
< 2014-07-14 10:17:35.123 MFMT
< 2014-07-14 10:17:35.123 211 End
> 2014-07-14 10:17:35.123 PBSZ 0
< 2014-07-14 10:17:35.185 200 PBSZ=0
> 2014-07-14 10:17:35.185 PROT P
< 2014-07-14 10:17:35.232 200 Protection level set to P
. 2014-07-14 10:17:35.232 Connected
. 2014-07-14 10:17:35.232 --------------------------------------------------------------------------
. 2014-07-14 10:17:35.232 Using FTP protocol.
. 2014-07-14 10:17:35.232 Doing startup conversation with host.
> 2014-07-14 10:17:35.248 PWD
< 2014-07-14 10:17:35.294 257 "/" is current directory.
. 2014-07-14 10:17:35.294 Getting current directory name.
. 2014-07-14 10:17:35.294 Retrieving directory listing...
> 2014-07-14 10:17:35.294 TYPE A
< 2014-07-14 10:17:35.357 200 Type set to A
> 2014-07-14 10:17:35.357 PASV
< 2014-07-14 10:17:35.419 227 Entering Passive Mode (xxx,xxx,xxx,xxx,195,91)
> 2014-07-14 10:17:35.419 LIST -a
< 2014-07-14 10:17:46.420 425 Can't open data connection for transfer of "/"
. 2014-07-14 10:17:46.420 Could not retrieve directory listing
. 2014-07-14 10:17:46.420 Retrieving directory listing...
> 2014-07-14 10:17:46.420 TYPE A
< 2014-07-14 10:17:46.467 200 Type set to A
> 2014-07-14 10:17:46.467 PASV
< 2014-07-14 10:17:46.529 227 Entering Passive Mode (xxx,xxx,xxx,xxx,195,128)
> 2014-07-14 10:17:46.529 LIST
< 2014-07-14 10:17:56.545 425 Can't open data connection for transfer of "/"
. 2014-07-14 10:17:56.545 Could not retrieve directory listing
* 2014-07-14 10:17:56.545 (ECommand) Error listing directory '/'.
* 2014-07-14 10:17:56.545 Could not retrieve directory listing
* 2014-07-14 10:17:56.545 Can't open data connection for transfer of "/"
. 2014-07-14 10:18:35.327 Startup conversation with host finished.
> 2014-07-14 10:18:35.968 TYPE A
< 2014-07-14 10:18:35.968 200 Type set to A
> 2014-07-14 10:18:46.968 REST 0
< 2014-07-14 10:18:46.968 350 Rest supported. Restarting at 0
. 2014-07-14 10:18:59.937 Disconnected from server
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24991
Location: Prague, Czechia
You have to open whole range of ports that the server uses for data channels.

See http://serverfault.com/questions/10807/what-firewall-ports-do-i-need-to-open-when-using-ftps.
_________________
Martin Prikryl
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24991
Location: Prague, Czechia
More information about "Transfer channel can't be opened" error:
https://winscp.net/eng/docs/message_transfer_channel_cant_be_opened
Advertisements

You can post new topics in this forum






Search Site

What is WinSCP?

It is award-winning SFTP client, SCP client, FTPS client and FTP client integrated into one software program for file transfer to FTP server or secure SFTP server. [More]

And it's free!

Donate

About donations

$9   $19   $49   $99

About donations

Recommend

WinSCP Privacy Policy

WinSCP License