× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. August 2006

Re: FTP problem

If it helps any this is a known problem written up in APAR SE25247.

One customer is currently testing a V5R4 Test PTF to support the Clear 
Control Connection and hopefully this PTF will soon be generally 
available.

One warning -- the RFC for CCC is very ambiguous on some points so there's 
no guarantee that all servers will interpret the RFC the same (that is, 
that the PTF will necessarily fix your specific environment).

Bruce Vining




Scott Klement <midrange-l@xxxxxxxxxxxxxxxx> 
Sent by: midrange-l-bounces@xxxxxxxxxxxx
08/14/2006 02:38 PM
Please respond to
Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>


To
Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>
cc

Subject
Re: FTP problem






Steve,


"The problem is that the FTP control data is encrypted as it comes 

through

the firewalls, so it cannot be read to do the IP "natting" at the 
firewall."


Yep.  This is one of the big problems with the way SSL FTP works.


"Most third-party clients handle this by storing the original control 
address and using it during the transmission. Native FTP programs such 
as MSDOS and IBM's FTP do not allow for this and uses each control block 



as it is sent."


Sounds like a reference to the EPSV and EPRT (extended FTP) commands. 
Unfortunately, that's not available on i5/OS -- too bad, since it solves 
most of the common problems people have with FTP.  But... that's IBM for 
you, something has to be available for 15 years before the iSeries finally 

gets it.


"There is also a feature called Clear Control Channel that allows the 
userid and password to be sent encrypted, then all other data exchanged 
over the control channel to be sent as clear text. In our case, this 
would allow the firewall to see the IP address and correctly "nat" it to 



the proper IP. All data sent over the data channel will remain 
encrypted. According to our vendor, this is a feature normally found 
only in third-party FTP software, and they are fairly certain this 
feature would not be available on the default AS/400 operating system 
FTP software."

This response seems highly incorrect in light of the fact that we are
already FTPing from another bank using Sterling Software.

Is their response correct?


Is your other FTP that uses Sterling Software also SSL encrypted?  The 
issues raised by your technical contact are only related to SSL FTP, and 
won't have any impact on standard FTP.

But the description makes sense, and the guy sounds like he knows what 
he's talking about.

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.