Firewall issue? Stops at "234 Proceed with negotiation"

Nov 8, 2012 at 3:10 PM
Edited Nov 8, 2012 at 3:16 PM

I'm having problems connecting to a server at a client site, but it's fine on my dev machine. I've been using ftps.exe command line to test.

At the client site, it fails to connect, giving the error "connection forcibly closed...". I've tried all -ssl flag options (I think). (Should I be trying -tls not -ssl?)

On my dev PC, connecting to the same host with same credentials, it works fine. FileZilla client is fine in both situations (encryption set to "Require explicit FTP over TLS")

My dev pc (Vista) is connected via a router, the client's PC (XP) via a Windows SBS server. I don't have full details of the client site setup (no admin access!).

Is this a firewall issue? In which case how does FileZilla do it?

All suggestions appreciated!

FTPS.exe Logfile extracts:

Client site (failing):

220 (vsFTPd 2.0.5)
AUTH TLS
234 Proceed with negotiation.

Dev PC (ok):

220 (vsFTPd 2.0.5)
AUTH TLS
234 Proceed with negotiation.
USER TestPlayer1
331 Please specify the password.
PASS ********
230 Login successful.
...

Filezilla client (both cases):

...
Status: Connection established, waiting for welcome message...
Response: 220 (vsFTPd 2.0.5)
Command: AUTH TLS
Response: 234 Proceed with negotiation.
Status: Initializing TLS...
Status: Verifying certificate...
Command: USER TestPlayer1
Status: TLS/SSL connection established.
Response: 331 Please specify the password.
Command: PASS *******
Response: 230 Login successful.
... 

 

Nov 12, 2012 at 4:22 PM
Edited Nov 12, 2012 at 4:26 PM

Well it wasn't a firewall problem.  It took a bit of tracing with NetMon , but the problem was that the the ftp server requires AES encryption, which is only supported in .NET on Vista and later. And the client PC's are running XP.

So I can't use the AlexFTPS client... Instead, I'm now using  ws_ftp - generating a script and then running it via Shell.