Re: Anybody have a clue why...

["Michael H. Warfield" <mhw () wittsend com>]

Will Kempf enscribed thusly:

> ...passive ftp won't work from command line through Firewall-1? 

> Windows clients such as WS_FTP and Netscape work just fine when set to
> passive mode. When I do a "quote PASV" in a command line ftp session (Unix
> or Windows command line clients), the server says its entering passive mode,
> but a list or file transfer in either direction just hangs.

        Time out!

        Both sides have to understand passive.  If you do a "quote PASV",
all you have done is send a PASV command over to the server.  It doesn't
mean that your client understands passive mode.  If you just do an "ls"
or "dir", the client is still going to attempt to do active "PORT" mode
unless you switch the client to passive mode (and some clients are not
capable).  On Linux, simply typing "passive" at the "ftp>" prompt is
sufficient (and you don't have to do the "quote PASV").  You can also
use the command "pftp" and ftp comes up defaulting to passive mode.  Not
all ftp clients support this, however, and if you are not on a recently
version of Linux or *BSD or you are on some other flavor of *NIX like
Solaris, HP/UX, or SCO, chances are your client does not understand passive.

        Try typing the command "passive" (no "quote") at the "ftp>" prompt.
If you get an error, you probably need to get a different ftp client.  Get
one of the open source flavors that supports passive ftp.

> The Firewall-1 policy has "enable passive ftp transfers" selected in the
> properties.

> TIA
> Will


        Mike
-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw () WittsEnd com
  (The Mad Wizard)      |  (770) 925-8248   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!