Can't get a Serv-u login window from the net
204 views
Skip to first unread message
morph000
Oct 13, 2009, 12:10:46 AM10/13/09
to RhinoSoft.com User Group
I've just replaced my Billion 7300 with a 5200 an it's going ok
I've also upgraded from Serv-U v8 to V9 (but didn't save the old
settings as a clean install...).
My ststem is a standalone pc so just 192.168.1.100....
I want to allow ftp traffic but I can't seem to get it to work again..
I changed NAT to forward ports 20/21 to 192.168.1.100 where Serv-U has
listeners, but if I FTP to the fixed IP addy with a browser, I
sometimes get the Billion login screen rather than the Serv-U login...
I did have Serv-U 8 running ok with the old Billion, and it was fine.
So nothing's changed except for Serv-U and the Billion..
I've reinstalled Serv-U with bog standard settings (ie port 21 only,
ignore the other modes) now, but no difference..
Router changed to permit ports 20, 21, 50000-50004 with all TCP to NAT
to 192.168.1.100
Yes I can access Serv-U through local LAN (ftp://192.168.1.00) and
login ok, so the Serv-U listeners are doing their job.
I've disabled the Billion firewall - no difference.
Ports 20 & 21 are accessible according to the open port check tool at
canyouseeme.org
Anyone got some ideas please ? It's getting very frustrating..
I've also upgraded from Serv-U v8 to V9 (but didn't save the old
settings as a clean install...).
My ststem is a standalone pc so just 192.168.1.100....
I want to allow ftp traffic but I can't seem to get it to work again..
I changed NAT to forward ports 20/21 to 192.168.1.100 where Serv-U has
listeners, but if I FTP to the fixed IP addy with a browser, I
sometimes get the Billion login screen rather than the Serv-U login...
I did have Serv-U 8 running ok with the old Billion, and it was fine.
So nothing's changed except for Serv-U and the Billion..
I've reinstalled Serv-U with bog standard settings (ie port 21 only,
ignore the other modes) now, but no difference..
Router changed to permit ports 20, 21, 50000-50004 with all TCP to NAT
to 192.168.1.100
Yes I can access Serv-U through local LAN (ftp://192.168.1.00) and
login ok, so the Serv-U listeners are doing their job.
I've disabled the Billion firewall - no difference.
Ports 20 & 21 are accessible according to the open port check tool at
canyouseeme.org
Anyone got some ideas please ? It's getting very frustrating..
FTPServerTools
Oct 13, 2009, 5:43:20 PM10/13/09
to RhinoSoft.com User Group
Ok some ideas..
1:Did you try to login using a normal ftp program? I would like to see
the log result (you can mask out the last 2 parts of athe ip address
or send it privately..)
2:What does the serv-u log say?
3:Assuming you did the nat translation properly, can you connect by
using your wan ip address (get it from www.whatismyip.com).
4:I dont know what a billion for a thing is. Your port 21 seems ok.
Did you set upnp mode on or off? And that question goes for serv-u as
well as for the router.. Did you also try to connect to 127.0.0.1 on
port 21 with a normal ftp client, since 192.168.1.100 works this
should surely work. I assume that the NAT translation still works
properly. A cop out way is to simply set your 192.168.1.100 machine in
the DMZ (demilitarised zone). That is the only machine that then has
all traffic port access open. That might help to test what is going
on. Do put some kind of a firewall on that machine if you plan to keep
it in the dmz.
You have to use a normal ftp client for a good test. Activate passive
mode with it..
I am pretty sure I can help you if I see the logs.
If you insist in logging in via a browser be sure to active passive
mode as well in the browser.
1:Did you try to login using a normal ftp program? I would like to see
the log result (you can mask out the last 2 parts of athe ip address
or send it privately..)
2:What does the serv-u log say?
3:Assuming you did the nat translation properly, can you connect by
using your wan ip address (get it from www.whatismyip.com).
4:I dont know what a billion for a thing is. Your port 21 seems ok.
Did you set upnp mode on or off? And that question goes for serv-u as
well as for the router.. Did you also try to connect to 127.0.0.1 on
port 21 with a normal ftp client, since 192.168.1.100 works this
should surely work. I assume that the NAT translation still works
properly. A cop out way is to simply set your 192.168.1.100 machine in
the DMZ (demilitarised zone). That is the only machine that then has
all traffic port access open. That might help to test what is going
on. Do put some kind of a firewall on that machine if you plan to keep
it in the dmz.
You have to use a normal ftp client for a good test. Activate passive
mode with it..
I am pretty sure I can help you if I see the logs.
If you insist in logging in via a browser be sure to active passive
mode as well in the browser.
morph000
Oct 14, 2009, 5:40:56 AM10/14/09
to RhinoSoft.com User Group
OK - I've made significant headway !
I CAN login and do whatever IF I use FTPLive.com to do it (I just
stumbled across that site !). (Yes, I can still login locally via
ftp://192.168.1.100 and do whatever I want)
I don't even get a login window from MSIE7, just the "cannot display
the webpage" error.
With Opera v10 I get a login window, but I'm wondering if that is Serv-
U generated or just an Opera feature to generate a window because it
sees an FTP attempt ?? Opera says the password will be sent
UNencrypted, but Serv-U seems to be encrypting passwords (according to
the User section of management console)
I can't login via CuteFTP either, regardless of encryption standard
selected.
Cuteftp log extract below (IP info xxx'ed out !) :
STATUS:> [14/10/2009 7:56:29 PM] Getting listing ""...
STATUS:> [14/10/2009 7:56:29 PM] Connecting to FTP server...
xxx.xxx.xxx.xxx:21 (ip = xxx.xxx.xxx.xxx)...
STATUS:> [14/10/2009 7:56:29 PM] Socket connected. Waiting for
welcome message...
[14/10/2009 7:56:29 PM] 220 router FTP version 1.0 ready at Sat Jan
01 00:05:33 2000
STATUS:> [14/10/2009 7:56:29 PM] Connected. Authenticating...
COMMAND:> [14/10/2009 7:56:29 PM] USER morph
[14/10/2009 7:56:29 PM] 331 Enter PASS command
COMMAND:> [14/10/2009 7:56:29 PM] PASS *****
[14/10/2009 7:56:29 PM] 530 User morph cannot log in.
ERROR:> [14/10/2009 7:56:29 PM] Not logged in.
COMMAND:> [14/10/2009 7:56:32 PM] USER morph
ERROR:> [14/10/2009 7:56:32 PM] Control connection closed.
I turned the router firewall off and put the pc in the DMZ - no
difference, so I re-enabled the firewall and took it out the DMZ asap
for security !!
I now have Zonealarm Security Suite v9 running for safety (didn't made
any difference with it unloaded), and I allowed TCP on ports 20/21
(but removed the 50000-50004 I had there previously - does Serv-u
still need them ?) and I CAN still login to Serv-U via FTPLive.
So it almost looks like some sort of incompatible protocol or such
that browsers can't handle,or indeed CuteFTP.
So what's FTPLive.com doing that works ???
Attempting to connect with a browser dosn't even seem to generate a
log entry with Serv-u.
So how's this sound so far ?
---------------------
I CAN login and do whatever IF I use FTPLive.com to do it (I just
stumbled across that site !). (Yes, I can still login locally via
ftp://192.168.1.100 and do whatever I want)
I don't even get a login window from MSIE7, just the "cannot display
the webpage" error.
With Opera v10 I get a login window, but I'm wondering if that is Serv-
U generated or just an Opera feature to generate a window because it
sees an FTP attempt ?? Opera says the password will be sent
UNencrypted, but Serv-U seems to be encrypting passwords (according to
the User section of management console)
I can't login via CuteFTP either, regardless of encryption standard
selected.
Cuteftp log extract below (IP info xxx'ed out !) :
STATUS:> [14/10/2009 7:56:29 PM] Getting listing ""...
STATUS:> [14/10/2009 7:56:29 PM] Connecting to FTP server...
xxx.xxx.xxx.xxx:21 (ip = xxx.xxx.xxx.xxx)...
STATUS:> [14/10/2009 7:56:29 PM] Socket connected. Waiting for
welcome message...
[14/10/2009 7:56:29 PM] 220 router FTP version 1.0 ready at Sat Jan
01 00:05:33 2000
STATUS:> [14/10/2009 7:56:29 PM] Connected. Authenticating...
COMMAND:> [14/10/2009 7:56:29 PM] USER morph
[14/10/2009 7:56:29 PM] 331 Enter PASS command
COMMAND:> [14/10/2009 7:56:29 PM] PASS *****
[14/10/2009 7:56:29 PM] 530 User morph cannot log in.
ERROR:> [14/10/2009 7:56:29 PM] Not logged in.
COMMAND:> [14/10/2009 7:56:32 PM] USER morph
ERROR:> [14/10/2009 7:56:32 PM] Control connection closed.
I turned the router firewall off and put the pc in the DMZ - no
difference, so I re-enabled the firewall and took it out the DMZ asap
for security !!
I now have Zonealarm Security Suite v9 running for safety (didn't made
any difference with it unloaded), and I allowed TCP on ports 20/21
(but removed the 50000-50004 I had there previously - does Serv-u
still need them ?) and I CAN still login to Serv-U via FTPLive.
So it almost looks like some sort of incompatible protocol or such
that browsers can't handle,or indeed CuteFTP.
So what's FTPLive.com doing that works ???
Attempting to connect with a browser dosn't even seem to generate a
log entry with Serv-u.
So how's this sound so far ?
---------------------
FTPServerTools
Oct 14, 2009, 7:24:57 PM10/14/09
to RhinoSoft.com User Group
COMMAND:> [14/10/2009 7:56:29 PM] USER morph
[14/10/2009 7:56:29 PM] 331 Enter PASS command
COMMAND:> [14/10/2009 7:56:29 PM] PASS *****
[14/10/2009 7:56:29 PM] 530 User morph cannot log in.
ERROR:> [14/10/2009 7:56:29 PM] Not logged in.
COMMAND:> [14/10/2009 7:56:32 PM] USER morph
ERROR:> [14/10/2009 7:56:32 PM] Control connection closed
This says to me that you DO try to login. You get a a reply (331
[14/10/2009 7:56:29 PM] 331 Enter PASS command
COMMAND:> [14/10/2009 7:56:29 PM] PASS *****
[14/10/2009 7:56:29 PM] 530 User morph cannot log in.
ERROR:> [14/10/2009 7:56:29 PM] Not logged in.
COMMAND:> [14/10/2009 7:56:32 PM] USER morph
ERROR:> [14/10/2009 7:56:32 PM] Control connection closed
Enter PASS command) . But servu disallows you to access USER morph. So
either you forgot to set the ip access for that user, or you forgot
something else.
Please check the help file on setting the ip access. They can be set
at several levels (server, domain and user). I am doing this by head
now so forgive me if I made a small mistake.. I don thave a 9 version
in front of me atm... But it all looks pretty clear to me.
morph000
Oct 15, 2009, 5:17:22 AM10/15/09
to RhinoSoft.com User Group
It seems that others CAN login to the server ok.
I, however, cannot, via the public (WAN) IP addy.
It seems this is normal though, due to some loopback issue.
Refer -> http://utalk.att.com/utalk/board/message?message.uid=131452
I thought I used to be able to, but maybe not...I'm losing it with old
age ! LOL..
Oh well...
-------------------------------
I, however, cannot, via the public (WAN) IP addy.
It seems this is normal though, due to some loopback issue.
Refer -> http://utalk.att.com/utalk/board/message?message.uid=131452
I thought I used to be able to, but maybe not...I'm losing it with old
age ! LOL..
Oh well...
-------------------------------
morph000
Oct 24, 2009, 11:11:09 PM10/24/09
to RhinoSoft.com User Group
OK - with some help from an old I.T. friend (thanks to Rod McLagan at
Pinnacle), it's all going now.
YAY !
-----------
> > in front of me atm... But it all looks pretty clear to me.- Hide quoted text -
>
> - Show quoted text -
Pinnacle), it's all going now.
YAY !
-----------
>
> - Show quoted text -
FTPServerTools
Oct 26, 2009, 3:09:04 PM10/26/09
to RhinoSoft.com User Group
That is good.. I guess you set the WAN ip address as your ip? What did
you change?
you change?
Reply all
Reply to author
Forward
0 new messages