Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » FTP problem - Cannot access any servers
  •  
coelhopsi

Messages: 3
Karma: 0
Send a private message to this user
Hi...

I am having the following problem: I am unable to access any FTP server in the internet from my LAN machines. When trying to access ftp.download.com, for example, I receive the following error:

Connected to ftp.download.com.
421 Service not available (The FTP server is not responding.)
Connection terminated by remote host.


And this is the log of the packets from KWF:

[18/Sep/2004 21:44:44] PERMIT "NAT" packet from LAN, proto:TCP, len:48, ip/port:192.168.2.12:1206 -> 206.16.4.31:21, flags: SYN , seq:3483687569 ack:0, win:64240, tcplen:0
[18/Sep/2004 21:44:44] PERMIT "NAT" packet to LAN, proto:TCP, len:48, ip/port:206.16.4.31:21 -> 192.168.2.12:1206, flags: SYN ACK , seq:1446831771 ack:3483687570, win:16384, tcplen:0
[18/Sep/2004 21:44:44] PERMIT "NAT" packet from LAN, proto:TCP, len:40, ip/port:192.168.2.12:1206 -> 206.16.4.31:21, flags: ACK , seq:3483687570 ack:1446831772, win:64240, tcplen:0
[18/Sep/2004 21:44:45] PERMIT "NAT" packet to LAN, proto:TCP, len:102, ip/port:206.16.4.31:21 -> 192.168.2.12:1206, flags: ACK PSH , seq:1446831772 ack:3483687570, win:65535, tcplen:62
[18/Sep/2004 21:44:45] PERMIT "NAT" packet to LAN, proto:TCP, len:40, ip/port:206.16.4.31:21 -> 192.168.2.12:1206, flags: FIN ACK , seq:1446831834 ack:3483687570, win:65535, tcplen:0
[18/Sep/2004 21:44:45] PERMIT "NAT" packet from LAN, proto:TCP, len:40, ip/port:192.168.2.12:1206 -> 206.16.4.31:21, flags: ACK , seq:3483687570 ack:1446831835, win:64178, tcplen:0
[18/Sep/2004 21:44:45] PERMIT "NAT" packet from LAN, proto:TCP, len:40, ip/port:192.168.2.12:1206 -> 206.16.4.31:21, flags: RST , seq:3483687570 ack:1446831835, win:0, tcplen:0


What could be happening???

  •  
TheNBP

Messages: 4
Karma: 0
Send a private message to this user
Do you use a active or passive FTP Connection?

Are there any firewall restrictions?

Passive Mode is more firewall friendly although the WinRoute protocol inspector should open the additionaly needed ports for active FTP automatically (but not when you have blocked them manually).
  •  
feite

Messages: 523
Karma: 0
Send a private message to this user
Add a rule for FTP NAT, select the FTP service. This way the FTP protocol inspector will be used and ports that need to be open will be opened.
  •  
coelhopsi

Messages: 3
Karma: 0
Send a private message to this user
Made all above and still nothing...

I am starting to get pissed with Kerio! I am willing to buy it, but everyday I find a new problem! Now I've found out that, on certain conditions, a user is able to browse some websites without authenticating first (even though the Require Users to Authenticate option is enabled) and worst... this unauthenticated web activity doesn't get logged...

Fábio

[Updated on: Tue, 21 September 2004 01:39]

Previous Topic: Hide "Web site policy" page
Next Topic: почта: известная
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sat Nov 18 22:41:56 CET 2017

Total time taken to generate the page: 0.00448 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.