FTPS with WinSCP, reporting Server sent passive reply with unroutable address

Hello,

I have an issue with an FTP site for one of our clients, I need to configure it to use FTPS, I have setup the FTP site in IIS on Windows Server 2012 R2 and I have select the certificate I want to use under FTP SSL Settings, when I connect to it using WinSCP it says TLS Connection Established which looks good however a couple of seconds later I get the following error message:

Server sent passive reply with unroutable address <INTERNAL IP ADDRESS>, using host address instead.
Timeout detected. (data connection)
Could not retrieve directory listing
Error listing directory '/'.

I'm not too sure what is causing this because if I switch to just FTP with no encryption the connection works without issue, any ideas?

Madball188 wrote:

I have an issue with an FTP site for one of our clients, I need to configure it to use FTPS, I have setup the FTP site in IIS on Windows Server 2012 R2 and I have select the certificate I want to use under FTP SSL Settings, when I connect to it using WinSCP it says TLS Connection Established which looks good however a couple of seconds later I get the following error message:
...

You did not configure the FTP server with its external IP address:
https://winscp.net/eng/docs/guide_windows_ftps_server#firewall
You also did you allow the FTP server though Windows Firewall:
https://winscp.net/eng/docs/guide_windows_ftps_server#window_firewall

I'm not too sure what is causing this because if I switch to just FTP with no encryption the connection works without issue, any ideas?

This is explained here:
https://winscp.net/eng/docs/ftp_modes#smart

You may want to also read the whole articles linked above, not just the respective sections.

Hi,

Thanks for the prompt response, I have checked what you've suggested and still doesn't work, so under Advanced Windows Firewall ports 21, 990 and 1024–65535 are open and enabled (icons are in green)

Under FTP Firewall Support in IIS data channel port range is set to 5000–5100 and has the companies public IP address of their firewall.

I have restarted the Microsoft FTP service and it won't connect from an external location with the same error message.

If you connect from a computer internally it works fine.

Thanks

This is really not a WinSCP question. You may want to move it to an appropriate site like https://superuser.com/